Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki VPN to Non-Meraki VPN (Cisco ASA)

Holli69
Getting noticed
‎Oct 12 2021 9:59 AM
‎Oct 12 2021 9:59 AM

Meraki VPN to Non-Meraki VPN (Cisco ASA)

Hi all,

 

is it possible to build a VPN tunnel using IKEv2 from Meraki MX100 with FW 15.44/16.12 to a Cisco ASA 5516-X FW 9.12 ?

What about the remote-ID, mandatory or optional ?

Should NAT-Traversal (NAT-T) also be enabled on ASA if I wish to use it on MX100 ?

 

regards

Roland

 

 

Labels:
0 Kudos
Subscribe
2 Replies 2
Inderdeep
Kind of a big deal
Kind of a big deal
‎Oct 12 2021 10:35 AM
‎Oct 12 2021 10:35 AM

@Holli69 : Check this out 

https://documentation.meraki.com/MX/Site-to-site_VPN/MX_to_Cisco_ASA_Site-to-site_VPN_Setup 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 12 2021 12:44 PM
‎Oct 12 2021 12:44 PM

Yes.

 

The remote ID should be the public IP address of the remote ASA.

Leave NAT-T enabled.

 

Note that you can usually only have a SINGLE subnet in the source and destination encryption domains.  If you include two then only one tends to work at a time.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.