Meraki

Community

How to summary LAN for auto VPN ?

dimatt
Getting noticed
‎Sep 6 2023 12:25 AM
‎Sep 6 2023 12:25 AM

How to summary LAN for auto VPN ?

Hello,

 

I have a MX appliance with a lot of small LANs which belong to the same big LAN.

 

In place of enable all the small LAN for the VPN, i would like to use the big LAN, but i can't choose it.

 

 Perhaps with a static route.

 

Do you have any idea ?

 

Thanks.

0 Kudos
10 Replies 10
DarrenOC
Kind of a big deal
Kind of a big deal
‎Sep 6 2023 1:32 AM
‎Sep 6 2023 1:32 AM

hi @dimatt - do you have a diagram you can share of your setup or can you provide further details on what you're trying to achieve?  I'm struggling to decipher your original post.  Cheers

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
dimatt
Getting noticed
‎Sep 6 2023 2:53 AM
‎Sep 6 2023 2:53 AM

For example 2 lan likes this:

192.168.0.0/24

192.168.1.0/24

I have to enable the 2 LAN on the VPN, but i would like to declare only one (to have a better view)

How can i summarize to 192.168.0.0/23 ?

0 Kudos
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 6 2023 1:45 AM
‎Sep 6 2023 1:45 AM

You can point a summary route to a random internal IP and advertise this route as a summary. The drawback is that for every change, the dashboard will print a dumb warning that traffic will be routed to the most specific route.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
In response to KarstenI
dimatt
Getting noticed
‎Sep 6 2023 2:04 AM
‎Sep 6 2023 2:04 AM

Thanks.

I was thinking of the same thing.

Did you experience it ?

0 Kudos
In response to dimatt
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 6 2023 2:07 AM
‎Sep 6 2023 2:07 AM

What do you mean with experience? The warning? Yes, and it is so annoying. It is the same warning that you get when you have the SVIs on the internal switch and have a summarized route to that switch.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
dimatt
Getting noticed
‎Sep 6 2023 2:55 AM
‎Sep 6 2023 2:55 AM

Sorry, i mean, do you set it on a production environnement ?

0 Kudos
In response to dimatt
KarstenI
Kind of a big deal
Kind of a big deal
‎Sep 6 2023 3:00 AM
‎Sep 6 2023 3:00 AM

Yes, I often had this summarized route in the past. But new setups are all configured with individual routes just because of this message. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
dimatt
Getting noticed
‎Sep 6 2023 6:33 AM
‎Sep 6 2023 6:33 AM

Ok, thanks.

0 Kudos
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Sep 6 2023 8:40 AM
‎Sep 6 2023 8:40 AM

I made a short slide deck on this topic awhile ago. Posting here for reference.

 

Also, the BIG DISCLAIMER - this "hack/trick" isn't suggested, recommended, nor supported. So use it if you like, but just be aware at some point behavior could change or Support might recommend you not do this.

 

Now for the slides

 

https://docs.google.com/presentation/d/1FDD0qU6stBYm1dzWejoW_0vocgyB7UjUKUPi9EB_--M/edit?usp=sharing

In response to Ryan_Miles
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 6 2023 2:24 PM
‎Sep 6 2023 2:24 PM

I concur with @Ryan_Miles.  I have done exactly this.

 

You can also use this same approach to connect MXs in different networks (such as primary and DR) to the same internal network for failover.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.