Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Non-Meraki VPN peer connection

Mauricio-Pacman
Comes here often
‎Jan 4 2024 2:47 PM
‎Jan 4 2024 2:47 PM

Non-Meraki VPN peer connection

I am trying to establish a Non-Meraki VPN peer connection, phase 1 of the connection works fine according to the other device, but phase 2 does not make a connection, for the vpn they register a private network segment of our mx, I ask, in the vpn configuration where it is configured that this segment would be the one that would connect or if the meraki automatically takes the vpn addressing site to site that has the mx configured?

Labels:
0 Kudos
Subscribe
1 Reply 1
KH
Meraki Employee
Meraki Employee
‎Jan 8 2024 5:39 AM
‎Jan 8 2024 5:39 AM

Hey Mauricio,

 

The subnets the MX advertises to the peer have to be configured as Enabled in VPN under the addressing & VLANs page. Alternatively, this can be done on the Site-to-Site VPN page, the subnets you want advertised to the peer have to be selected as enabled. Problems at phase 2 are usually due to mismatched subnets so ensure that what is configured on the MX is expected by the peer and what is configured by the peer is expected by the MX (Subnets/Parameters). If you continue having trouble I would recommend opening a support case as they would have further visibility with your configuration as well as being able to view verbose logging to determine what the reason for phase 2 failing is.

 

Regards,

KH

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.