Non Meraki site to Site VPN with Oracle Cloud

SOLVED
Comes here often

Has anyone attempted to create a site-to-site VPN with the Oracle cloud? We need to set this up; however, some of the documentation I'm finding is not pointing me in the right direction.

 

Setup: 9 sites, all using MX appliances in routed mode (they are edge devices as well) with 2 ISPs in load balance. Site-to-site mesh of all sites using AutoVPN.

 

Requirement: Create an IPsec tunnel to Oracle VCN. All sites need access to the resources on the other side of the tunnel.

 

Issues / Questions:

1. Site-to-site scope: If all networks are set for the scope, will each unique MX try to establish an IPsec tunnel to the endpoint from each public IP, resulting in 18 unique IPsec tunnels?

2. Routing: From the documentation I read, if you don't have subnets "advertised to VPN" the tunnel will not come online, and the subnets on each side have to match. The Oracle side would be using the summary route for the network; however, our side would not be advertising the full summary route because I can't add that to any one site.

 

Is this best accomplished with a concentrator (i.e., another Meraki MX behind my current pair)?

 

1 ACCEPTED SOLUTION

Kind of a big deal

Re: Non Meraki site to Site VPN with Oracle Cloud

>Is this best accomplished with a concentrator (IE another Meraki MX behind my current pair)?

 

Yes.  It will also need to be in a different Meraki Dashboard network.

Comes here often

Re: Non Meraki site to Site VPN with Oracle Cloud

I suspected as much. On the new network, the appliance will not participate in AutoVPN, but that will not prevent it from being able to use non-Meraki site-to-site VPN, correct?

Kind of a big deal

Re: Non Meraki site to Site VPN with Oracle Cloud

Correct.  You just use static routing between the two MX appliances at the same physical location.
