Meraki

dhayes89 · ‎Feb 27 2025

Planning to us MX64 in a remote site a a spoke. WAN 1 planning to connect to private MPLS/BGP network and WAN2 to Starlink. The WAN1 connection will use BGP for the link to MPLS network to access the Meraki HUB. The idea is AutoVPN would use WAN1 to form a Site -Site-VPN with the Meraki HUB. The Meraki HUB is configured with a warm spare using Virtual IP, one arm mode is not an option.

Mloraditch · ‎Feb 27 2025

This should work as long as the MPLS connection provides internet access

See this guide:

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

dhayes89

Thanks for the link. Similar idea, but my issue includes the Meraki in warm spare setup using virtual ip. The BGP/MPLS network is internal, virtual IP has an external NAT ip address. Thinking I may need to provide a route from the internal network to external NAT IP. Not sure if the same HUB can have 2 different ip addresses. One accessible from internet( NAT IP) and the other accessible from internal network ( Virtual IP).

dhayes89

When choosing the VPN HUB for the remote MX68, I didn't see the interface IP address listed. Will the Cloud automatically provide both the interface and Source IP addresses to the remote MX68 ?

Mloraditch

You shouldn't need to program anything as long as both MXs can reach the internet.

If you have issues the work arounds for NAT issues are documented here: https://documentation.meraki.com/MX/Site-to-site_VPN/Meraki_Auto_VPN_-_Configuration_and_Troubleshoo...

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Meraki

Community

Meraki MX64 ( Spoke) using WAN1 connected to MPLS/BGP.

Meraki MX64 ( Spoke) using WAN1 connected to MPLS/BGP.