To advertise a subnet over IPsec VPN go to Security & SD-WAN > Site to site VPN. A "VPN settings" section will be there, then you will see the "local networks".
This section permits/restricts subnets to be advertised over AutoVPN and IPsec VPN. If the subnet is "disabled" it will not be able to access or use the VPN as it will not be advertised over VPN. If "enabled" that subnet will be advertised to AutoVPN and IPsec VPN peers.
If you want all your local subnets to be able to pass traffic through the IPsec tunnel, then enable all of them.
Local networks example:
Only the default VLAN subnet of 192.168.128.1/24 is advertised over the IPsec tunnel since it's the only one that is "enabled". If I want 10.10.1.0/24 to be advertised to my IPsec VPN peer, then I will "enable" it.
Do you need all of your traffic to go across the IPsec tunnel?
- That's what adding a 0.0.0.0/0 in the private subnets of the Non-Meraki VPN peer configuration on the dashboard will do. It overrides the default route out the WAN interface.
Will internet be possible with 0.0.0.0/0 with an IPsec peer?
- Sure, if the tunnel establishes properly as the MX will be using your peer for internet connectivity.
I am still a little lost on what you are trying to configure.
Maria P | Network Support Engineer, Cisco Meraki