Meraki

Community

Best practice to block vpn site to site traffic

Solved
RMP-Topher
Comes here often
‎Mar 17 2022 9:02 AM
‎Mar 17 2022 9:02 AM

Best practice to block vpn site to site traffic

Senario:   Hub and Spoke:  Block VPN traffic from one remote mx to another remote mx that use the same hub. 

 

current test

RMPTopher_0-1647532700066.png

 

but I can still ping the /32 address 

Appreciate suggestions

 

Labels:
0 Kudos
1 Accepted Solution
ww
Kind of a big deal
Kind of a big deal
‎Mar 17 2022 9:28 AM
‎Mar 17 2022 9:28 AM

It does not apply to active sessions. You need to stop ping for like 5 minutes

View solution in original post

2 Replies 2
RMP-Topher
Comes here often
‎Mar 17 2022 9:25 AM
‎Mar 17 2022 9:25 AM

Update:  10minutes later the rule starts working.  I can see 2 minutes for config changes but 10?  That seems like a lot.

0 Kudos
ww
Kind of a big deal
Kind of a big deal
‎Mar 17 2022 9:28 AM
‎Mar 17 2022 9:28 AM

It does not apply to active sessions. You need to stop ping for like 5 minutes

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.