Meraki

Community

Client VPN cannot see the other end of S2S VPN

EdgarEstrada
Comes here often
‎Nov 27 2022 10:06 AM
‎Nov 27 2022 10:06 AM

Client VPN cannot see the other end of S2S VPN

Client VPN subnet = 10.0.1.0/24

 

Office (meraki) subnet = 10.0.0.0/24 (cisco Meraki MX67W)

 

S2S non-meraki peer VPN between 10.0.0.0/24 and 192.168.20.0/24 (remote) -  both networks work fine. they see each other.

 

10.10.1.X CANNOT see 192.168.20.X

 

Any ideas why it is not working?

 

 

Labels:
0 Kudos
5 Replies 5
ww
Kind of a big deal
Kind of a big deal
‎Nov 27 2022 10:17 AM
‎Nov 27 2022 10:17 AM

Does the other side have a route back to 10.0.1.0/24

0 Kudos
In response to ww
EdgarEstrada
Comes here often
‎Nov 27 2022 12:14 PM
‎Nov 27 2022 12:14 PM

the other side is a ClearOS computer inside an esxi.

I have no idea how to do that via iptables.

 

Do you think that should do the trick?

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 27 2022 10:50 AM
‎Nov 27 2022 10:50 AM

Have you included 10.0.1.0/24 in the VPN on your side?  As the remote side included that in the VPN as well?

0 Kudos
In response to PhilipDAth
EdgarEstrada
Comes here often
‎Nov 27 2022 12:19 PM
‎Nov 27 2022 12:19 PM

My side is the Meraki's side -- I tried adding a static route but Meraki's msg says I cannot add a static route using IPs from the VPN Client.

The remote side is an esxi with a gw ClearOS computer.

0 Kudos
In response to EdgarEstrada
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 27 2022 11:39 PM
‎Nov 27 2022 11:39 PM

You don't need to add a static route.  Just make sure your client VPN subnet is marked to be included in the VPN.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.