Meraki

Community

Client VPN not working without default gateway

RaulC
Conversationalist
‎Jan 10 2022 1:43 AM
‎Jan 10 2022 1:43 AM

Client VPN not working without default gateway

Hello everybody,
I set a client VPN configuration on a Meraki MX84 gateway, which mostly is used on windows 10 clients. I want to configure the Windows VPN client to NOT use the default gateway on the remote network which is working fine but I can't access the remote resources anymore(VM's from the on-premise network).
This option is important for us because I don't want all the network traffic to be routed through the Meraki gateway (like web traffic, youtube, etc. other activities that consume bandwidth). Due to the work-from-home program the load of the network band is pretty large so is this option available?

 

Many thanks for your support!
Raul

Labels:
0 Kudos
5 Replies 5
KarstenI
Kind of a big deal
Kind of a big deal
‎Jan 10 2022 2:27 AM
‎Jan 10 2022 2:27 AM

It should work by specifying the Split-Tunnel networks in your configuration. How did you configure it? If not already done this way, try the script from @PhilipDAth:

https://www.ifm.net.nz/cookbooks/meraki-client-vpn.html

Another option would be to migrate to MX version 16 and use AnyConnect. There you can control these settings from the dashboard.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
RaulC
Conversationalist
‎Jan 10 2022 2:51 AM
‎Jan 10 2022 2:51 AM

I already split the tunnel, check the attached image. After I unchecked the * Use the default gateway, the internet is working well, but I'm not able to access the local resources or internal IPs. At this moment I would like to configure these setting on the existing VPN client because the entire company is using the same connection settings, only if is not working at all I will try to find other solutions, like Cisco Anyconnect.

 

Thanks.


 vpn tunnel split.PNG

0 Kudos
In response to RaulC
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 10 2022 11:38 AM
‎Jan 10 2022 11:38 AM

You'll want to use my tool that @KarstenI linked to.

 

If you do it that way using the GUI, then you'll need to add routes each time you connect for your remote network.

0 Kudos
RaulC
Conversationalist
‎Jan 13 2022 2:58 AM
‎Jan 13 2022 2:58 AM

Hi @PhilipDAth my plan is to keep the VPN client from Windows because the company is Microsoft based and it's easier for all users. 

It's there a way to keep using the same vpn client and the routes&credentials to be saved in the connection settings? It's very uncomfortable to retype the routes and credentials every time you want to use the vpn tunnel (sometimes 3-4 times per day).

 

Thanks

0 Kudos
In response to RaulC
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 13 2022 9:55 AM
‎Jan 13 2022 9:55 AM

Use the VPN wizard posted by @KarstenI  above to create the VPN.  It does the routes automatically.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.