Configuration Advice

New here

Configuration Advice

If I can ask for some advice before i embark on this,


We have 2 x MX84s and 1 x Z3

Primary site (A) has MX84A Configured Hub(Mesh) With VPN from Z3 into it


Secondary Site (B) has MX84B Site-to-site VPN currently off - on the perimeter for traffic only for site (B)


Site A-B are connected via MPLS not via the MX’s


Site B currently has 3 VPNS coming in to existing non MX firewall,

I need to move the 3 VPNs (Non Meraki) from the old firewall to the MX – inbound to site B only, and not to effect site A is this possible under one company, can you have 2 Hub(mesh) configured?

Kind of a big deal

When you're doing Non-Meraki VPN hubs don't actually matter (but yes, you can have as many hub as you want for AutoVPN).


If you want to only nail up a VPN to Site B you will need to control the Non-Meraki VPN via Peer Availability using tags.


Here's the Non-Meraki doc:


And specifically, this section:

Building a reputation



You need to create a "tag" and assign it to a program where you run the site-2-site VPNs.



The tag becomes the "Availability" for the non Meraki VPN


Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.