Meraki

auhyden · ‎Aug 29 2023

I have a Starlink <WAN_PORT> MX68W <Wireless> Users crash kit that we are working on standing up. This crash kit will be on the Starlink network.

Is it possible to have a VPN tunnel established from this crash kit to another org/user network?

Is there documentation anywhere on this?

jbright · ‎Aug 29 2023

3rd party site-to-site VPN connections require a public IPV4 address on both firewalls that the VPN tunnel is between. I have a Starlink residential account and currently only receive a single CGNAT IPV4 address on it. I also get an IPV6 address too, but 3rd party site-to-site VPN is not supported over IPV6 yet, but very soon. The only two options for a site-to-site VPN over a Starlink connection for now are Auto-VPN between two MX in the same organization or get the Business version of Starlink, which does provide a public IPV4 address, which would allow the 3rd party site-to-site VPN connection to work, assuming the other firewall also has a public IPV4 address. When IPv6 is supported for 3rd party site-to-site VPN, that would provide another option.

Configuring Site-to-site VPN between MX Appliances in Different Organizations

alemabrahao · ‎Aug 30 2023

You do need a public IP, but it doesn't have to be on both ends. I've done several tests on my home network closing VPN tunnels with other firewalls and the tunnel worked 100%.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

Has anyone setup a Starlink/MX68W Crash Kit able to VPN between different organizations?

Has anyone setup a Starlink/MX68W Crash Kit able to VPN between different organizations?