Meraki

Maccssilva

Impact of Adding a New Subnet to a Site-to-Site VPN

I have a question regarding the Site-to-Site VPN.

I have a VPN established with a non-Meraki device, and I need to add a new subnet to allow access.

When I add this subnet and apply the configuration, do I lose communication with the Meraki device for a few moments? If not, does it have any impact?

michalc

Hi @Maccssilva , welcome to the Meraki Community!

When you add a subnet to the VPN you won't lose communication with the Meraki device.

The only impact you might experience is a brief VPN tunnel flop since it has to renegotiate. You might not even notice it.

If you found this post helpful, please give it kudos. If it solved your problem, click "accept as solution" so that others can benefit from it.

View solution in original post

Robthesoundguy

If you're simply changing the VPN Mode from disabled to enabled, you shouldn't lose connectivity with the device.

alemabrahao

Theoretically it shouldn't cause any problems, but if I were you I would do it during a scheduled maintenance window in case of any unforeseen circumstances.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

michalc

Hi @Maccssilva , welcome to the Meraki Community!

When you add a subnet to the VPN you won't lose communication with the Meraki device.

The only impact you might experience is a brief VPN tunnel flop since it has to renegotiate. You might not even notice it.

If you found this post helpful, please give it kudos. If it solved your problem, click "accept as solution" so that others can benefit from it.

cmr

Remember that if you are going from one subnet to more than one subnet, check which IKE version you are using, if IKE V2 then you may run into trouble, depending on what the other end is.

If my answer solves your problem please click Accept as Solution so others can benefit from it.