I am trying to figure out a way to create a second VPN connection to our network for contractors outside the United States. The reason we are doing this as we want these contractors to have our IP, so they can connect to Admin and Staging sites. We currently have our 1 Client VPN which we have set up on Meraki. Our employees use this when the WFH. We would like another VPN, that we can set up certain rules within the firewall to not allow contractors to connect to certain areas of our network. Is there a way to connect the Meraki MX100 to another VPN router (in house) to allow for this to happen?
You would need to NAT port 443 through to the ASA - so if just needs to be pingable from the MX. Also note you will need to add a route for the ASA client VPN subnet via the ASA - which means it is much easier if the ASA is in a directly connected subnet behind the MX, but it could also be off a layer 3 switch.