Meraki

Flat4vw · ‎Sep 13 2022

Hello first time poster been lurking.

I have read the documentation for creating a DMZ and it s fairly simple but the document goes into ACL and other items I will not be doing.

My setup is such, MX100 at the HQ runs everything. Behind that is a mx65 that we use in the lab. This had been working flawless until we move one of our applications to the vendors cloud that require a non meraki vpn. We have several sites around out state that are spokes to the MX100. We use the autovpn a ton. All of the sites connect to the non meraki vpn just fine. Except the lab (this also setup to be a spoke) because it uses the same public ip that the mx100 uses to connect the HQ to the vendor. It caused a double vpn to the vendor and it just caused issues.

Someone mention to use a free port on the mx100 create the dmz vlan and plug it in. Since its a spoke it should connect to the autovpn and it should be able to connect to the non meraki vpn.

Is it as simple as the above?

Thank you

PhilipDAth · ‎Sep 13 2022

The DMZ sounds like an easy fix. Another option is to get a dedicated cheap Internet circuit for the lab, making it more like a real site.

View solution in original post

alemabrahao · ‎Sep 13 2022

Well, I'm not sure. If it's just for a Lab I think you can try.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

PhilipDAth · ‎Sep 13 2022

The DMZ sounds like an easy fix. Another option is to get a dedicated cheap Internet circuit for the lab, making it more like a real site.