Need a specific IP address to not go thru a VPN Tunnel

cmal00
Here to help

Need a specific IP address to not go thru a VPN Tunnel

I have a VPN Tunnel between a MX-68 and a MX-85. I have a subnet that needs to be reach behind the MX-85, which it does. but there is one IP from that subnet (a server hosted outside my company) that can not go thru the tunnel and need to go out to the internet. I've tried creating a static route on the MX-86 but it just says "has an invalid next hop IP. The IP address x.x.x.x is not on a configured subnet. Is there a way to archive this? 

 

Thanks

3 Replies 3
double_virgule
Getting noticed

We tried to do the same thing, and ended up just splitting out the subnet and making the IPs in question a /30 and then just disabling the VPN on it. 

 

There's probably a better way to do it, and your solution is probably just missing some NAT configuration, but we gave up and just did it the easy way. 

cmal00
Here to help

Yes, that's what someone had mention to do as a work around. I'm just surprise that you just can't create a static route pointing it out the the outside interface. 

MartinLL
Building a reputation

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels