Meraki

Brian68 · ‎Aug 17 2021

I just got off of a call with Meraki Tech Support and they told me that we will be unable to have our VPN Clients connect to our Meraki firewall and reach the hosts we have in AWS connected as Non-Meraki VPN peers. We don't want the AWS hosts to be accessible unless someone is connected to our network. They said this is a known limitation and that during calls with other customers with AWS on the phone they all agreed it was not possible. Is this true? Has anyone come up with a solution to work around this? If I were to introduce an additional piece of gear to be exclusively a VPN Client gateway could it connect clients to what our MX thinks is the "default" network and then allow VPN client to reach things in AWS?

Any suggestions would be appreciated.

PhilipDAth · ‎Aug 17 2021

That should work.

Depending on how many users you have, you might find the VMX cheaper ...

View solution in original post

PhilipDAth · ‎Aug 17 2021

That is correct. The best solution is to put a VMX into AWS. The VMX-S is not too expensive.

https://meraki.cisco.com/product/security-sd-wan/virtual-appliances/vmx-small/

Brian68 · ‎Aug 17 2021

Could we use the Amazon VPN Client configured with a Client VPN Endpoint on a VPC to access AWS and then leverage the non-Meraki peers to access resources at the main office behind the MX appliance?

PhilipDAth · ‎Aug 17 2021

That should work.

Depending on how many users you have, you might find the VMX cheaper ...

Meraki

Community

Client VPN to AWS not possible while also connecting Default to AWS?

Client VPN to AWS not possible while also connecting Default to AWS?