Azure Tunnel with Site-to-site VPN

Dan_Nicolet
Here to help

My main campus has an Azure tunnel (non-Meraki peer) configured to access ADFS services. Users on the main campus network are directed through the tunnel for login. Any user that is not on the campus network (outside) is directed directly to Azure. Basically, if the tunnel is down on the main campus, users cannot log in unless they are off the network. I recently set up a Meraki site-to-site VPN with a remote location. The Azure tunnel shows up in the VPN settings on both sides, and if I try to establish that tunnel on the remote side, it breaks the main campus tunnel. Now users at the remote site cannot access the login since they are virtually on the main campus. I created a temporary workaround by entering a public DNS into the DHCP scope on the remote network. This worked, but I think I must be missing a much easier solution. Any suggestions would be appreciated.

PhilipDAth
Kind of a big deal

Note that non-Meraki VPNs are configured org-wide. So both of your sites will use the same settings (PSK, encryption, etc).

It is a million times simpler to ditch Azure VPN, and deploy a Meraki VMX-S.

https://meraki.cisco.com/product/security-sd-wan/virtual-appliances/vmx-small/

As a bonus, the Meraki system will self-resolve most issues without you having to touch anything.

Dan_Nicolet
Here to help

I appreciate the information; I will look into this solution.

Thank you!
