Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX100 VPN

Clerestory
New here
Tuesday
Tuesday

MX100 VPN

So, I currently have a pair of MX100s running in passthrough mode that are the VPN hubs for a bunch of MX67 remote routers. TheMX100s have public IP x.x.x.x. I want to move them from behind one set of border firewalls to another, in which case they would get a new public IP x.x.x.y.  I've looked through the settings and can't figure out how the remote routers know to link to x.x.x.x. I know the tunnels will go down once I move them, but will they automatically resync using the new public IP x.x.x.y?

Labels:
0 Kudos
Subscribe
2 Replies 2
Brash
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

When the MX's move to the new network, they will contact the Meraki VPN registry with the new public IP.

The registry is then responsible for updating all of the remote sites to establish tunnels with MX's on the new public IP address.

There's some additional information around this in the below doc.

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
Wednesday
Wednesday

+1 to @Brash .  You could also check to make sure a static IP address has been been configured for the hub with a manual NAT config.

https://documentation.meraki.com/MX/Site-to-site_VPN/Automatic_NAT_Traversal_for_Auto_VPN_Tunneling_...

 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.