MG21 and Non Meraki Site 2 Site

Solved
Patrik73
Getting noticed

I have an MX65 with an MG21 connected to the WAN port.
The SIM card is unlocked from NAT and has a static public IP.
 
I am trying to set up a non-Meraki site-to-site VPN to our cloud.
Of course that fails.
I guess I need to add some port forwarding on my MG21.
Now I have added these.
MG21-port-forward.png
 
My MX has the following address from MG21.
MG21-mx.png
 
My IP on the MG21 is shown below; the address and the public IP are the same.
MG21-publicip.png
My MX site-to-site VPN is configured with:
MG21-vpn-settings.png
We are using a VMware Edge Gateway on the other side.
These settings work when we only have a Meraki without an MG21 on-prem.
 
The logs in Meraki say:
MG21-log.png
 
Would really appreciate some pointers here.
 
EDIT1:
I did a capture on the Internet side, and the only thing I see from my remote VPN site is this:
MG21-wireshark.png
1 Accepted Solution
Patrik73
Getting noticed

Meraki helped me with this one.


I needed to set the Peer ID to the MX IP address that it got from the MG,
for example 172.31.128.4,
and the Peer Endpoint to the MG21 public IP address.

Port forward on the MG21 to the MX:

UDP port 500 and UDP port 4500.

Then it worked like a charm. 🙂

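The accepted solution boils down to two consistency rules for a peer sitting behind the MG21's NAT: the far end must expect IKE traffic from the MG21's public address but must expect the MX's own (MG-assigned) address in the IKE identity, and UDP 500 and 4500 must be forwarded to the MX so that ISAKMP and NAT-T actually reach it. The script below is an added example, not Meraki code and not the poster's configuration; it models those rules as a configuration check plus a simplified view of how a responder matches an incoming peer. The MX address 172.31.128.4 comes from the thread; the public IP 203.0.113.10 is a constructed placeholder, and the dataclass names are my own.

```python
"""Consistency check for a non-Meraki site-to-site peer when the MX sits behind
an MG21 doing NAT. Added example: not Meraki code, not the poster's config.
All addresses except 172.31.128.4 (from the thread) are constructed."""

from dataclasses import dataclass, field

# ISAKMP (500) and NAT-Traversal (4500); both are UDP and both must reach the MX.
IKE_UDP_PORTS = (500, 4500)


@dataclass
class PortForward:
    proto: str
    public_port: int
    lan_ip: str
    lan_port: int


@dataclass
class CellularGateway:
    """The MG21: its public WAN address plus its port-forwarding table."""
    public_ip: str
    forwards: list = field(default_factory=list)


@dataclass
class RemotePeerConfig:
    """What the far-end gateway (here a VMware Edge) has configured for us."""
    peer_endpoint: str  # source address the far end expects IKE packets from
    peer_id: str        # identity the far end expects in the IKE ID payload


def check_site(mx_wan_ip: str, mg: CellularGateway, remote: RemotePeerConfig) -> list:
    """Return human-readable problems; an empty list means the setup is consistent."""
    issues = []
    forwarded = {
        (f.proto.lower(), f.public_port)
        for f in mg.forwards
        if f.lan_ip == mx_wan_ip and f.lan_port == f.public_port
    }
    for port in IKE_UDP_PORTS:
        if ("udp", port) not in forwarded:
            issues.append(f"MG21 has no UDP/{port} forward to the MX at {mx_wan_ip}")
    # Packets leave the MG21 with its public address, so that is the endpoint.
    if remote.peer_endpoint != mg.public_ip:
        issues.append(
            f"remote Peer Endpoint {remote.peer_endpoint} != MG21 public IP {mg.public_ip}"
        )
    # Per the accepted solution, the MX identifies itself with the address the
    # MG handed it, not with the public address; the Peer ID must match that.
    if remote.peer_id != mx_wan_ip:
        issues.append(f"remote Peer ID {remote.peer_id} != MX WAN IP {mx_wan_ip}")
    return issues


def responder_accepts(remote: RemotePeerConfig, src_ip: str, ike_id: str) -> bool:
    """Simplified (assumed) responder behaviour: the source address must be the
    configured endpoint and the ID payload must equal the configured Peer ID.
    Real gateways differ in detail, but an ID mismatch is rejected by all of them."""
    return src_ip == remote.peer_endpoint and ike_id == remote.peer_id


MX_WAN_IP = "172.31.128.4"          # from the thread
MG_PUBLIC_IP = "203.0.113.10"       # constructed placeholder

MG_WITH_FORWARDS = CellularGateway(MG_PUBLIC_IP, [
    PortForward("udp", 500, MX_WAN_IP, 500),
    PortForward("udp", 4500, MX_WAN_IP, 4500),
])
MG_NO_FORWARDS = CellularGateway(MG_PUBLIC_IP)

# Before the fix: far end keyed to the public address for both fields.
REMOTE_BEFORE = RemotePeerConfig(peer_endpoint=MG_PUBLIC_IP, peer_id=MG_PUBLIC_IP)
# After the fix: endpoint is the MG21 public IP, Peer ID is the MX's MG-assigned IP.
REMOTE_AFTER = RemotePeerConfig(peer_endpoint=MG_PUBLIC_IP, peer_id=MX_WAN_IP)


if __name__ == "__main__":
    for label, mg, remote in (
        ("no forwards, wrong peer id", MG_NO_FORWARDS, REMOTE_BEFORE),
        ("forwards, wrong peer id", MG_WITH_FORWARDS, REMOTE_BEFORE),
        ("forwards, correct peer id", MG_WITH_FORWARDS, REMOTE_AFTER),
    ):
        print(f"{label}: {check_site(MX_WAN_IP, mg, remote) or 'OK'}")
        # The MX sends src=MG public IP (after NAT) and ID=its own WAN address.
        print("  responder accepts:", responder_accepts(remote, MG_PUBLIC_IP, MX_WAN_IP))
```

Running it shows why the original capture only saw traffic from the remote site: with the Peer ID set to the public address, the far end rejects the identity the MX presents, and without the two UDP forwards the MG21 never hands the far end's IKE packets to the MX at all.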

2 Replies 2
alemabrahao
Kind of a big deal

Take a look at these recommendations.

alemabrahao_0-1665776316064.png

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.