Meraki Community

Marcin471 · ‎Oct 15 2021

Hi,

We recently replaced in our branch office our old Cisco router with Meraki MX appliance and I'm struggling with establishing non-meraki site to site VPN.

- I managed to establish a connection between devices, but I'm struggling with a traffic itself. Do I need additional firewall rules to direct traffic to the main site?

- How can I configure a failover VPN? Will creating a secondary GRE tunnel on a Mikrotik with WAN2 details be sufficient?

VPN tunnel worked with Cisco 880 series router without issues.

Regards,

Marcin

PhilipDAth · ‎Oct 16 2021

Non-Meraki site to site VPNs have no failover support on the Meraki side. If the remote device(s) have the ability to have a primary and backup peer ID then you should be fine.

> Do I need additional firewall rules to direct traffic to the main site?

No. If the traffic matches the encryption domain it will go over the VPN.

Marcin471 · ‎Oct 19 2021

Hi,

Unfortunately it doesn't work. Tunnel is established correctly, but traffic is not coming through. Below report from Mikrotik router.

When trying to ping or access a device on a branch internal network, I've got a timeout. Below a screenshot of a ping attempt through a tunnel.

Regards,

Marcin

Marcin471 · ‎Oct 19 2021

Hi,

Got it up and running. Misconfigured peer settings on Mikrotik router.

Cheers,

Marcin

Marcin471 · ‎Oct 21 2021

Hi kurdzop,

> i have also faced same problem last week

Did you managed to establish a tunnel at the end?

Regards,

Marcin

Meraki Community

Non Meraki site to site vpn with Mikrotk router

Non Meraki site to site vpn with Mikrotk router