Non-Meraki Peers with Source NAT

New here

Non-Meraki Peers with Source NAT

I am moving a L2L tunnel from an ASA to a Meraki MX100.  I understand how to set the tunnel piece up, but in this specific case I need to source NAT  the local network to the remote network.  Similar to the below.


nat (Inside,outside) source dynamic obj_VPN10.2.60 host-24.68 destination static Sub- Sub-


Is this type of NAT configurable? I played with the 1:Many NAT but had no success. TIA

Kind of a big deal

The MX is not capable of NAT on a Non-Meraki VPN tunnel. You will need to perform that NAT on the ASA on the other side. 

Thanks.  That is what I was thinking, but wanted confirmation.  I'll have to ask the other side since it is a vendor.

Kind of a big deal

Hopefully your vendor will go for it. We've got a number of tunnels between our ASAs and client's Meraki MX, where we're doing VPN NAT on the ASA side. MX doesn't care so long as you tell it the correct subnet.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.