I used to work for an ISP, so I've seen this done before.
I have a box in location A, and a bunch of remote devices in 12 other locations that need to connect to the box in location A.
The remote devices need to be on the same subnet as location A.
I've seen this: Using Site-to-site VPN Translation - Cisco Meraki Documentation
Ideally, I'd just like the subnet in location A to push DHCP through the VPN. But I guess that isn't a thing?
Thanks for the answers in advance!
I'm trying to reduce boxes running server software. The model is: device collects data -> connects to server on LAN -> then server sends data to cloud. I don't want 12 boxes running this software, I just want one box.
So I'd like all devices to send data to one box over VPN.
We have that by using VPLS circuits, are they not an option for you?
Don't think so. We're using Starlink.
This won't work. The devices at the branches may look like they're in the same subnet as each other, but they can't be in the same subnet as the host at the central site, using subnet translation; subnet translation still involves a routing hop.
Ok, anything stopping me from using static routes and Source-based routing to get this done?
Source Based Default Routing - Cisco Meraki Documentation
Thanks
I don't think MX <-> MX will work with this, either way - it's always a routed tunnel.
I am wondering if you placed all the devices behind the wired port of an MR36H and used the Teleworker VPN functionality, dropping them all in the same VLAN, that might work..? Never tried it though. Safe to say - it was not designed for this!
https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/Port_Profiles
https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/MR_Teleworker_VPN
You would need both an MX (to concentrate tunnels) and an MR (for the server) at the hub location.
MX AutoVPN doesn't do layer 2.
Maybe if you connect all devices using a client VPN setup.
Or build GRE tunnels from your devices (not sure what devices you run) to a VPN server you host in your server subnet.
Ok, so Layer 2 is out of the question. That's fine. These devices will connect to the server as long as there are routes set up. So I can have the server on a different subnet, as long as it's in the same network. Like, I think I should be able to do this through the site-to-site VPN.