Meraki to Non-Meraki VPN Connection recommended approach

SOLVED
guest134
Conversationalist

Meraki to Non-Meraki VPN Connection recommended approach

Hi everyone,

with the events of the COVID-19 virus we are considering setting up VPN access for employees to work at home.  

 

1. What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

I found instructions here https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Settings (under the section "Non-Meraki VPN Peers")  but I just want to be sure that this is the most secure way to set up a connection.

 

2. What are the risks? Is it secure enough that it will cover most attack vectors as long as we follow the link above?

 

Thanks for all your help in advance.

 

 

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

> What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

Don't go there.  It will chew up huge amounts of time, a lot of them will probably have bugs, and you'll probably get a whole bunch that don't work.

 

Either use client VPN or the Z3's.

View solution in original post

3 REPLIES 3
PhilipDAth
Kind of a big deal
Kind of a big deal

> What is the recommended approach for people who wish to setup VPN connections from a meraki device (in-office) to non-meraki devices (at home).

 

Don't go there.  It will chew up huge amounts of time, a lot of them will probably have bugs, and you'll probably get a whole bunch that don't work.

 

Either use client VPN or the Z3's.

Nash
Kind of a big deal

If your users will be working on company computers:

  1. Use the client VPN.
  2. Compare the number of users against the number of supported tunnels on your particular model of MX.
  3. If it's Windows10, use a script for deployment. See my sig for examples.

 

If your users will be working on personal computers:

  1. Install something like LogMeIn on their work computer.
  2. End user connects to work computer via LogMeIn
  3. Profit
  4. Worst case scenario, see above with regards to client VPN, then have user RDP (or something) into their work PC.
guest134
Conversationalist

Thanks for the replies.  I will look into it and mark a solution asap.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels