MX84 Client VPN to pull DHCP from VLAN1

Solved
TitusPullo80
Conversationalist

MX84 Client VPN to pull DHCP from VLAN1

Hello!

 

I have a Meraki MX84 that is currently handling all DHCP for the busniess via VLAN1. I currently have the client VPN on our Meraki MX84 setup to pull dhcp from it's own scope (192.168.11.0/24). I would like to setup the client VPN to pull DHCP from VLAN1 (192.168.12.0/23) on the device. We have some in house applications that are coded to where they need to have this IP subnet (192.168.12.0/23) or the application fails to launch.

 

Again, The VLAN1 subnet is, 192.168.12.0/23. The current client VPN subnet is 192.168.11.0/24. The Meraki is handling DHCP already but I just need to have that extend the DHCP from VLAN1 to the client VPN if that's possible.

 

Thanks in advance, Titus.

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

You can't do this.  The client VPN needs to use a subnet that is not used anywhere else in your network.

https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview

 

"Client VPN subnet: The subnet that will be used for Client VPN connections. This should be a private subnet that is not in use anywhere else in your network. The MX will be the default gateway on this subnet and will route traffic to and from this subnet"

View solution in original post

3 Replies 3
PhilipDAth
Kind of a big deal
Kind of a big deal

You can't do this.  The client VPN needs to use a subnet that is not used anywhere else in your network.

https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview

 

"Client VPN subnet: The subnet that will be used for Client VPN connections. This should be a private subnet that is not in use anywhere else in your network. The MX will be the default gateway on this subnet and will route traffic to and from this subnet"

cta102
Building a reputation

As per Philips response

 

I don't know what applications you are using at home but you will either have to recode them or add the VPN subnet to the permitted addresses.

I did try to be clever at one point to try and get my TiVo and Chromecast to be usable across a VPN connection, but it never really worked to my satisfaction.

Depending on the task in hand you may be better off installing something like a Raspberry Pi and connecting to that as a terminal server (you can lock the addressing down as you see fit on the RPi)

TitusPullo80
Conversationalist

Thank you for the quick reply! There was a route that I needed to add in the route table on a server to be able to access from the client vpn network. This is resolved.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels