cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki to Non-Meraki VPN Connection recommended approach

SOLVED
Highlighted
Conversationalist

Meraki to Non-Meraki VPN Connection recommended approach

Hi everyone,

with the events of the COVID-19 virus we are considering setting up VPN access for employees to work at home.  

 

1. What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

I found instructions here https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Settings (under the section "Non-Meraki VPN Peers")  but I just want to be sure that this is the most secure way to set up a connection.

 

2. What are the risks? Is it secure enough that it will cover most attack vectors as long as we follow the link above?

 

Thanks for all your help in advance.

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: Meraki to Non-Meraki VPN Connection recommended approach

> What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

Don't go there.  It will chew up huge amounts of time, a lot of them will probably have bugs, and you'll probably get a whole bunch that don't work.

 

Either use client VPN or the Z3's.

View solution in original post

3 REPLIES 3
Kind of a big deal

Re: Meraki to Non-Meraki VPN Connection recommended approach

> What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

Don't go there.  It will chew up huge amounts of time, a lot of them will probably have bugs, and you'll probably get a whole bunch that don't work.

 

Either use client VPN or the Z3's.

View solution in original post

Highlighted
Kind of a big deal

Re: Meraki to Non-Meraki VPN Connection recommended approach

If your users will be working on company computers:

  1. Use the client VPN.
  2. Compare the number of users against the number of supported tunnels on your particular model of MX.
  3. If it's Windows10, use a script for deployment. See my sig for examples.

 

If your users will be working on personal computers:

  1. Install something like LogMeIn on their work computer.
  2. End user connects to work computer via LogMeIn
  3. Profit
  4. Worst case scenario, see above with regards to client VPN, then have user RDP (or something) into their work PC.
Highlighted
Conversationalist

Re: Meraki to Non-Meraki VPN Connection recommended approach

Thanks for the replies.  I will look into it and mark a solution asap.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.