- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Exported subnets - VPN
I was wondering if anyone would be able to explain exactly what setting to "Use VPN" option does against each of the subnets I have available within our MX appliance:
When I select "Yes" under the "Use VPN" field, the subnet then appears under the VPN Status page under "Exported subnets":
What does exporting these subnets actually do? Does it just present that subnet to all defined VPNs so traffic is routable between the subnet and remote networks at the end of the VPN? I can't seem find a proper explanation for what it actually does.
Solved! Go to solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, both for Meraki AutoVPN and for 3d party VPNs setting the dropdown menu to "yes" means those subnets will participate in the VPN networks.
It seems like you're using 3d party VPN. Check this blog by Aaron Willette for more in depth information about it:
https://www.willette.works/merging-meraki-vpns/
I'll quote:
Only subnets local to the MX can be advertised to the remote Non-Meraki VPN peer. The subnets specifically selected as Use VPN, yeson the Security appliance > Site-to-site VPN configuration page will be included as the local interesting traffic in the IPSec exchange.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What it basically does is that it tells the other MX appliances in the AutoVPN that they can reach that particular subnet through this MX appliance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, both for Meraki AutoVPN and for 3d party VPNs setting the dropdown menu to "yes" means those subnets will participate in the VPN networks.
It seems like you're using 3d party VPN. Check this blog by Aaron Willette for more in depth information about it:
https://www.willette.works/merging-meraki-vpns/
I'll quote:
Only subnets local to the MX can be advertised to the remote Non-Meraki VPN peer. The subnets specifically selected as Use VPN, yeson the Security appliance > Site-to-site VPN configuration page will be included as the local interesting traffic in the IPSec exchange.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content