Meraki

ID · ‎Aug 17 2018

I am trying to create a tunnel between a Meraki MX84 and a Cisco ASA 5510 which contains 3 different subnets, e.g a 10.0.0.0, 192.168.1.0 and 192.168.2.0. The tunnel seems to come up fine but only the 10 network actually works.

Can anyone think of something i might have missed? Or something thats weird in the way Meraki Deals with multiple subnet VPNs that i may have missed?

Thanks

ID · ‎Aug 17 2018

I worked it out. I had missed a NAT exemption rule on the ASA.

Thanks for the help.

View solution in original post

nealgs · ‎Aug 17 2018

In the settings for the VPN on the MX84, under the section VPN settings/Local networks, are the 192.168.1.0 and 192.168.2.0 networks listed?

I've just setup something similar but to a ASA 5525 and only with 1 subnet. I'd expect any other subnets to therefore appear under the above VPN settings/local networks section and give you the option to Use VPN or not.

rgds

Gary

ID · ‎Aug 17 2018

Thanks for the reply,

Sorry i should have said that the subnets are all at the ASA end. The Meraki just has a single subnet.

nealgs · ‎Aug 17 2018

what does a tracert show from ASA side 192.168.x.0 to the MX84 side?

Is the ASA side set to route those subnets over vpn?

ID · ‎Aug 17 2018

I worked it out. I had missed a NAT exemption rule on the ASA.

Thanks for the help.

nealgs · ‎Aug 17 2018

great stuff - thanks for letting us know the outcome 🙂

Gary

DangItCarl · ‎Aug 21 2018

Hey I am stuck trying to get a Z1 to talk to my 5508 The 5508 wants a static ip (I think) for the peer but the Z1 is on a home DSL with DHCP.

Any pointers?

Meraki

Community

Full or partial site to site tunnel with non Meraki VPN

Full or partial site to site tunnel with non Meraki VPN