We have a non-Meraki Peer VPN between our office and our parent company. While the VPN terminates MX to MX, right now we are different organizations so the tunnel has to be a non-Meraki peer setup.
As long as we don't make any changes to the subnets configured on both ends, the VPN works great. If, however, if we add or remove a remote private subnet from either end of the config, the VPN quits working. The only way to restore functionality is to completely rip-out the config on both ends and put it back.
It seems like IPSec gets hosed and the traffic just stops transiting the VPN once a change is made. Naturally, recreating the tunnels on both ends reestablishes IPSec and the tunnel works fine once again after that.
Has anyone else seem a similar behavior? Is there a fix or workaround? I am not aware of any way to "pause" the VPN, make the required changes, and then start it up again.