Meraki

Community

Hub & Spoke - Filter Branch Networks

whistleblower
Building a reputation
‎May 27 2021 2:28 AM
‎May 27 2021 2:28 AM

Hub & Spoke - Filter Branch Networks

Hi,

 

is it possible to filter VPN-Routes on the Hub, so that e.g. Branch Offices did`nt know each other?

0 Kudos
4 Replies 4
DarrenOC
Kind of a big deal
Kind of a big deal
‎May 27 2021 3:12 AM
‎May 27 2021 3:12 AM

Hi @whistleblower 

 

yep, look at the "Limiting Connections Between Spokes" section in the below doc:

 

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Hub-and-spoke_VPN_Connections_on_th...

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
KarstenI
Kind of a big deal
Kind of a big deal
‎May 27 2021 4:24 AM
‎May 27 2021 4:24 AM

What @DarrenOC mentioned is the way to go. But be aware that it is not route-filtering as you was asking for. The Branches still know the other subnets but the filtering prohibits them from communicating with each other.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
whistleblower
Building a reputation
‎May 27 2021 5:20 AM
‎May 27 2021 5:20 AM

I´ve seen that in the documentation... but as @KarstenI noted, this only affects the communication - the network-prefix itself still persits in the routing-table and that`s the point I was talking about! I´d like to filter the specific network out so that e.g. a also existin summary route is the preferred one!

0 Kudos
In response to whistleblower
PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 27 2021 8:15 PM
‎May 27 2021 8:15 PM

You can not perform route filtering of AutoVPN routes.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.