Any private address that is not in use on your network, when configuring the VPN client, will automatically be added as a route to the MX routing table.
Configuring MX for Client VPN
To enable client VPN, choose Enabled from the Client VPN server drop-down menu on the Security & SD-WAN > Configure > Client VPN page. The following client VPN options can be configured:
- Hostname: This is the hostname of the MX that client VPN users will use to connect
- This hostname is a Dynamic DNS (DDNS) host record correlating to the public IP address of the MX
- For more information on managing the hostname, see Dynamic DNS (DDNS)
- Client VPN subnet: The subnet that will be used for client VPN connections
- This should be a private subnet that is not in use anywhere else in the network
- The MX will be the default gateway on this subnet and will route traffic to and from this subnet
- The MX utilizes LCP (Link Control Protocol) to assign IPs to clients, thus DHCP and Static Assignment are not supported
https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.
Please, if this post was useful, leave your kudos and mark it as solved.
