Meraki SASE POC setup

Flamby

Hello everyone,

It's my first time being here, and my first time using Meraki solutions for a POC.

I'm tasked with setting up a SASE POC for a client and have a few questions:

 

- I want to use 2 MX routers, 1 at the branch site, and 1 at the HQ

- 1 MR access point to allow branch users to connect to the internet and therefore to the HQ resources securely.

- Apply SD WAN SASE configuration to allow branch users access HQ resources and that's it.

 

Do you guys have any suggestions? Do I need any special licensing? I'm not looking for a full SASE deployment, I just want to show how a SASE setup can be done and how remote users can access HQ resources securely.

 

One last question: the Meraki gear we have is not ours; it belongs to one of the Cisco distributors we work with. Two devices won't be claimed, with the error "Device SerialNumber_HERE not found". Does that mean they're claimed by another org?

Thank you in advance and sorry for the long post

 

RWelch

Hello @Flamby and welcome to the community.

 

If I understand your post, you want to set up an HQ hub and branch spoke using Site-to-Site VPN settings?

If these devices are already claimed by the distributors you work with, you might ask if they'd allow you to be admins to the organization in which they've already been claimed.  If they have been claimed, you will not be able to claim them a second time.

Hopefully I have understood what you are wanting to achieve.

You can toggle on the branch VLANs (subnets) through Site-to-Site VPN that you want to allow access to HQ resources.

 

If you are referring to the Cisco Secure Connect you can find a wealth of resources under this link.

Flamby

Hello @RWelch 

Thank you for your reply, 
My ultimate goal is to show how users located in different branches (only 1 branch in this POC, actually hosting an MX router) can connect to the main datacenter securely to access different applications and resources by using the Meraki SASE solution (Secure Connect, I guess). I'm not sure of the difference between a SASE deployment and a regular Site-to-Site VPN in this particular scenario.

Branches don't have anything deployed but internet access only. My idea is to use MX routers in those branches and deploy Meraki SASE for that purpose, and at the same time provide internet access through the local breakout.

-> Does Secure Connect seem the right solution in this scenario?

-> Is there a way to get the Secure Connect license for this demo purpose, as it doesn't exist in my dashboard?

-> Is security enforced at the branch site in this case?

In brief, I'm using MX routers: one at the HQ and another at a branch site. Branch users should have secure access to HQ resources while also having internet access through local breakout.

 

 

RWelch

You can achieve HQ (hub) and branch (spoke) connectivity by just using Site-to-Site VPN by itself, since each location has an MX appliance.

 

If you want users/devices to be able to connect from anywhere you'd want to explore Secure Connect.  

Cisco Secure Connect is a unified Secure Access Service Edge (SASE) product designed to deliver an unparalleled user experience with minimal effort by securely connecting users, things, and applications seamlessly from anywhere.

 

You would need to contact your Sales Representative, reach out to the Sales Team, or visit meraki.cisco.com/eval to register for a free evaluation of a Cisco Meraki product.

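An added example, not part of any post in this thread: the hub-and-spoke Site-to-Site VPN setup discussed above, written as the request bodies for the Meraki Dashboard API v1 endpoint `PUT /networks/{networkId}/appliance/vpn/siteToSiteVpn`, with a pre-flight review for the two settings that matter here (local breakout and which VLANs are exposed to HQ). The network ID and all subnets are constructed placeholders, and the helper names are hypothetical.

```python
import ipaddress

def hub_payload(hq_subnets):
    """Body for the HQ MX: hub mode, listed subnets advertised into the VPN."""
    return {"mode": "hub",
            "subnets": [{"localSubnet": s, "useVpn": True} for s in hq_subnets]}

def spoke_payload(hub_network_id, branch_vlans, in_vpn, local_breakout=True):
    """Body for the branch MX: spoke mode pointing at the HQ hub.

    useDefaultRoute=False keeps internet traffic on the branch uplink
    (local breakout); True sends all traffic through the hub (full tunnel).
    Only VLANs named in in_vpn get useVpn=True.
    """
    missing = set(in_vpn) - set(branch_vlans)
    if missing:
        raise ValueError(f"not a branch VLAN: {sorted(missing)}")
    return {"mode": "spoke",
            "hubs": [{"hubId": hub_network_id,
                      "useDefaultRoute": not local_breakout}],
            "subnets": [{"localSubnet": s, "useVpn": s in in_vpn}
                        for s in branch_vlans]}

def review(hub, spoke):
    """Return findings to resolve before sending either body to the API."""
    findings = []
    if any(h["useDefaultRoute"] for h in spoke.get("hubs", [])):
        findings.append("full tunnel: branch internet traffic goes via the hub")
    hub_nets = [ipaddress.ip_network(s["localSubnet"])
                for s in hub["subnets"] if s["useVpn"]]
    for s in spoke["subnets"]:
        if not s["useVpn"]:
            continue
        net = ipaddress.ip_network(s["localSubnet"])
        for h in hub_nets:
            if net.overlaps(h):
                findings.append(f"overlap: branch {net} vs HQ {h}")
    return findings

# Constructed sample values: one HQ server subnet, a staff and a guest VLAN.
HUB_NETWORK_ID = "N_HQ_PLACEHOLDER"
HUB = hub_payload(["10.0.10.0/24"])
SPOKE = spoke_payload(HUB_NETWORK_ID,
                      branch_vlans=["192.168.10.0/24", "192.168.20.0/24"],
                      in_vpn=["192.168.10.0/24"])  # guest VLAN stays out of the VPN

if __name__ == "__main__":
    print(SPOKE)
    print(review(HUB, SPOKE) or "no findings")
```

Each body is sent with an API key that has write access to the organization that owns the devices.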
PhilipDAth