Meraki

whistleblower · ‎May 30 2023

Hi,

have any of you ever had the requirement to build a Meraki Auto-VPN - where each location should be connected to 1x MPLS and 1x Internet and the Meraki Management Traffic for every MPLS Access should use a Meraki MX Firewall in a DC or central side location but which also participates in the Auto-VPN with it`s WAN Interfaces?

alemabrahao · ‎May 30 2023

I suggest you read this documentation.

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

whistleblower · ‎May 31 2023

hi @alemabrahao thank you for your respond! I´ve readed already through the official public documentation, but unfortunately I was`nt able to find helpful information regarding my requirement... 😕

Maumarti · ‎Aug 1 2023

Yes. One option is have the MX in the DC as a one arm concentrator. https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS.

And the management traffic of that MPLS remote link IP would have to go through a central DC firewall that is not the MX.

Other option would be to have the remote MPLS link cloud mgmt traffic traverse the MPLS cloud, into the DC or central location, and then cross a meraki MX in routed/firewall mode that is there, from its LAN through its WAN. In that case, a tunnel would be established from remote WAN MPLS link, to central MX LAN side.
Could not find documentation on that.

Meraki

Community

Auto-VPN Management Traffic for MPLS underlay

Auto-VPN Management Traffic for MPLS underlay