cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Google Cloud VPN to Meraki - NAT traversal?

Highlighted
New here

Google Cloud VPN to Meraki - NAT traversal?

My previous research has turned up the answer of "no", but want to check others' experience:

 

We want to connect a Google Cloud Platform VM to our Meraki network via site to site VPN connection.

 

The Meraki sits behind a NAT and also has it's own public WAN/uplink address.

 

Google's documentation states that they do not support Cloud VPN behind NAT's.

 

Attempts to connect result in getting stuck at the phase 1 handshake process, I've verified that the phase 1 settings for the non-peer site VPN connection is correct (according to the sources I've read). Logs on the Meraki end state that it could not find a valid phase 1 proposal. Logs on Google's end show that it detects a NAT and the private IP address of the Meraki and the public IP do not match (obviously).

 

I'm guessing that I'm stuck at this point outside of either 1. using AWS instead which does support NAT traversal or 2. create a VPN NAT gateway VM on GCP that my primary VPN will connect through, however neither option is ideal.

 

Has anyone else dealt with this before, and if so what are your experiences?

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.