Best practice to block vpn site to site traffic

Solved
RMP-Topher
Comes here often

Best practice to block vpn site to site traffic

Senario:   Hub and Spoke:  Block VPN traffic from one remote mx to another remote mx that use the same hub. 

 

current test

RMPTopher_0-1647532700066.png

 

but I can still ping the /32 address 

Appreciate suggestions

 

1 Accepted Solution
ww
Kind of a big deal
Kind of a big deal

It does not apply to active sessions. You need to stop ping for like 5 minutes

View solution in original post

2 Replies 2
RMP-Topher
Comes here often

Update:  10minutes later the rule starts working.  I can see 2 minutes for config changes but 10?  That seems like a lot.

ww
Kind of a big deal
Kind of a big deal

It does not apply to active sessions. You need to stop ping for like 5 minutes

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels