Meraki

Community

Non-Meraki VPN peer connection

Mauricio-Pacman
Comes here often
‎Jan 4 2024 2:47 PM
‎Jan 4 2024 2:47 PM

Non-Meraki VPN peer connection

I am trying to establish a Non-Meraki VPN peer connection, phase 1 of the connection works fine according to the other device, but phase 2 does not make a connection, for the vpn they register a private network segment of our mx, I ask, in the vpn configuration where it is configured that this segment would be the one that would connect or if the meraki automatically takes the vpn addressing site to site that has the mx configured?

Labels:
0 Kudos
1 Reply 1
KH
Meraki Employee
Meraki Employee
‎Jan 8 2024 5:39 AM
‎Jan 8 2024 5:39 AM

Hey Mauricio,

 

The subnets the MX advertises to the peer have to be configured as Enabled in VPN under the addressing & VLANs page. Alternatively, this can be done on the Site-to-Site VPN page, the subnets you want advertised to the peer have to be selected as enabled. Problems at phase 2 are usually due to mismatched subnets so ensure that what is configured on the MX is expected by the peer and what is configured by the peer is expected by the MX (Subnets/Parameters). If you continue having trouble I would recommend opening a support case as they would have further visibility with your configuration as well as being able to view verbose logging to determine what the reason for phase 2 failing is.

 

Regards,

KH

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.