We use Meraki MX 250 at Hub and MX 64 / 65 at spoke locations. Connectivity is seamless and works well.
We created a non-Meraki VPN between the MX 250 (at the Hub location) and AWS Cloud, i.e. an IPsec VPN.
We are able to reach the AWS IP subnet from the HUB, but not from the spokes (MX 64 / 65), whereas all the spokes can reach the HUB without any issue.
AWS confirmed that they are allowing all of our subnets, i.e. 192.168.0.0
Can anyone advise?
I think the spokes do not know the AWS routes?
The generally accepted solution is to use an additional firewall to terminate the third party VPN connections, either inside another Meraki organization or using a different model of firewall entirely.
Your other option is to stand up tunnels between your spokes and your third party VPN.
It's currently working as intended when AutoVPN won't let you use third party tunnels.
Thank you for your inputs.
The DOCUMENT shared by you helped & worked.
Regards,
RajaSekhar
You cannot route a spoke through AutoVPN and then out a non-Meraki VPN.
You need to build a VPN from each spoke to the non-Meraki destination.