cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Non-Meraki VPN peers -- Local IP-Subnet

SOLVED
Highlighted
Here to help

Non-Meraki VPN peers -- Local IP-Subnet

Hi all,

 

I`m trying to find out where the local IP-Subnet (interesting traffic) can be configured for the Non-Meraki VPN tunnel?

 

In the local settings you can set whether the respective subnet should participate in the vpn, as I know these settings are also relevant for auto-vpn - if these settings also apply to the non-Meraki VPN peerings - how can a distinction be made here?

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Kind of a big deal

Re: Non-Meraki VPN peers -- Local IP-Subnet

>setup a Non-Meraki VPN-Peering for IP-Subnets which are learned from Spokes via Auto-VPN

 

You can't do this.  You have to build the non-Meraki VPN from each Spoke to the remote party.

 

There is one other option but it requires an additional MX.

View solution in original post

3 REPLIES 3
Highlighted
Kind of a big deal

Re: Non-Meraki VPN peers -- Local IP-Subnet

> if these settings also apply to the non-Meraki VPN peerings - how can a distinction be made here?

 

The same settings are used and no distinction can be made.

Highlighted
Here to help

Re: Non-Meraki VPN peers -- Local IP-Subnet

Hi @PhilipDAth 

 

thanks again for your reply 🙂

May I have your assessment of how you`d setup a Non-Meraki VPN-Peering for IP-Subnets which are learned from Spokes via Auto-VPN and are`nt connected directly/locally on the Hub-MX?

Highlighted
Kind of a big deal

Re: Non-Meraki VPN peers -- Local IP-Subnet

>setup a Non-Meraki VPN-Peering for IP-Subnets which are learned from Spokes via Auto-VPN

 

You can't do this.  You have to build the non-Meraki VPN from each Spoke to the remote party.

 

There is one other option but it requires an additional MX.

View solution in original post

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.