I have an MX67W on trial. We are looking at rolling out five of these to small offices for a company we support. Amongst other features, the VPN is key to the Meraki device being suitable. I have found an online guide for setting up the VPN and it doesn't seem to want to play ball. I then discovered the following MS document that states Meraki isn't compatible:
Yeah, you can use several virtual firewalls to connect to in Azure, like a pfSense for example, but... if you do then you don't get the benefits of SD-WAN. So you can't do two simultaneous tunnels if you would have two WAN connections per site with policies for which traffic uses which uplink under what performance circumstances.
The vMX provides a virtual appliance where you can do autoVPN to. So you don't need to worry about switching IPs when an uplink goes down.
My main concern is that MS don't list Meraki as a supported VPN solution. I know there are multiple guides online but from an enterprise point of view implementing a "non-supported" solution is something we can't do.
Azure by default uses some sort of VPN gateway where you can either connect 1 tunnel using policy-based IKEv1 or, if you need multiple sites, IKEv2 route-based VPNs.
At this time Meraki MX platforms do not support IKEv2 negotiation yet (there is a closed beta running I heard).
So you can't use the native VPN gateway of Azure. You can however spin up a virtual firewall that does support the Meraki sites to connect to Azure. Preferably a vMX, as I mentioned in my previous post, but you'll have to license it and spend money on the needed resources to run it.
As Meraki devices are clearly not officially supported by MS, my organisation are unwilling to go with an MX device. It's very frustrating as I expect having an IKEv2 VPN to Azure is quite a common requirement.