Connection of several Non-Meraki VPN peer

Kevin_k78
Comes here often

Connection of several Non-Meraki VPN peer

Hello,I currently have a problem when I want to connect multiple non-peer Meraki.

I want to connect several MERAKI in VPN but the equipments are in different organization.

other MXs located in other organizations.

So I configure the tunnels in Non peers Meraki. When I connect one I have no problem but when I connect a second then the first one disconnects and the second connects. Is it possible to connect several Non peer meraki or not?

5 REPLIES 5
DarrenOC
Kind of a big deal
Kind of a big deal

Hey @Kevin_k78 

 

There's no restriction on the qty of non-meraki VPN's you can have.  What's being logged in the event log?

 

https://documentation.meraki.com/MX/Site-to-site_VPN/Troubleshooting_Non-Meraki_Site-to-site_VPN_Pee....

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

Thank you for your reply. Here are the messages that I have:

msg: <remote-peer-3|1118> deleting IKE_SA remote-peer-3[1118] between 

msg: <remote-peer-3|1118> closing CHILD_SA net-3-0{78} with SPIs cdec0598(inbound) (2604 bytes) c9313e1c(outbound) (5124 bytes) and TS

DarrenOC
Kind of a big deal
Kind of a big deal

What MX firmware are all the devices running?  Same across the board?  Are you using IKEV2?

 

Have you run a packet capture on your MX WAN interface to see whats happening?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

The Firmware is the latest but my vpn using IKEV1. I don't see anything congruent when I take a capture .... The Meraki support can't find ...

IKEv1 supports communication between only two CIDR in a tunnel. Example : 10.1.10.0/24 can communicate to 10.2.10.0/24 but if other subnets wants to establish a tunnel with same peer subnet then the traffic gets dropped as IKEv1 doesn't support multiple CIDR communication.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels