I can not reach s2s vpn from client vpn

SabriKaradeniz
New here

I can not reach s2s vpn from client vpn

Hi,

 

I've Cisco Meraki MX84. I've s2s tunnel between me and my customer. In company i'm using 192.168.48.0/24 network and with this network i can reach other side of tunnel. But when i connect client vpn from home, it gives me an ip from 172.16.2.0/24 and i can not reach s2s vpn side. I tried to use static route but it throwed me this error;

 

"Static lan route subnets cannot be contained by (or be equal to) a client VPN subnet."

 

Can you please help me?

3 Replies 3
ww
Kind of a big deal
Kind of a big deal

does the customer vpn know where 172.16.2.0/24 is.

SabriKaradeniz
New here

No, actually i thought they don't need to know my vpn ip address. Should i need add it trusted ip list in customer s2s vpn configuration? I've 2 ssid in my company. 1 of them is giving from 10.0.1.X/24 and another one is hidden network, giving 192.168.48.X/24. When i connect from client vpn, i can reach 10.0.1.X/24 network, but i can go s2s vpn only 192.168.48.X/24. How can i go s2s vpn from client vpn? Do i need to use static route?
MacuserJim
A model citizen

Have you added your client VPN subnet to your site-to-site VPN? It would need to be added to the Site-to-site VPN, and you would need to make sure that the site-to-site VPN firewall rules allow it to communicate across the site-to-site VPN the way you need it to.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels