I can not reach s2s vpn from client vpn

SabriKaradeniz
New here

I can not reach s2s vpn from client vpn

Hi,

 

I've Cisco Meraki MX84. I've s2s tunnel between me and my customer. In company i'm using 192.168.48.0/24 network and with this network i can reach other side of tunnel. But when i connect client vpn from home, it gives me an ip from 172.16.2.0/24 and i can not reach s2s vpn side. I tried to use static route but it throwed me this error;

 

"Static lan route subnets cannot be contained by (or be equal to) a client VPN subnet."

 

Can you please help me?

3 Replies 3
ww
Kind of a big deal
Kind of a big deal

does the customer vpn know where 172.16.2.0/24 is.

No, actually i thought they don't need to know my vpn ip address. Should i need add it trusted ip list in customer s2s vpn configuration? I've 2 ssid in my company. 1 of them is giving from 10.0.1.X/24 and another one is hidden network, giving 192.168.48.X/24. When i connect from client vpn, i can reach 10.0.1.X/24 network, but i can go s2s vpn only 192.168.48.X/24. How can i go s2s vpn from client vpn? Do i need to use static route?
MacuserJim
A model citizen

Have you added your client VPN subnet to your site-to-site VPN? It would need to be added to the Site-to-site VPN, and you would need to make sure that the site-to-site VPN firewall rules allow it to communicate across the site-to-site VPN the way you need it to.
Get notified when there are additional replies to this discussion.