Overlapping Ip subnet error message when creating the site-to-site vpn with vpn participation off

SOLVED
IotaNetworks
Here to help

Overlapping Ip subnet error message when creating the site-to-site vpn with vpn participation off

I am trying to create a site-to-site VPN on MX250 as Hub and i see there is only one default subnet 192.168.24.0/24  available and i set the vpn participation off for this default subnet. When i try to save the changes i see an error message asking me to confirm that "there is an overlapping subnet 192.168.0.0/12 " across other networks within my organisation. While it is true that we do have this subnet on other site, i am unable to

1. Modify this default subnet

2. Delete this default subnet

3. with vpn participation set as off, this subnet should not be advertised to other sites hence overlap should not be a problem, but i am worried if i have to continue saving the config even with this error as it might cause routin issue on other sites.

 

Please suggest if anyone has dealt with this kind of issue earlier ?

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

Is this network part of a template?  If so go to the template.  The supernet 192.168.0.0/12 will be defined there.

View solution in original post

2 REPLIES 2
cmr
Kind of a big deal
Kind of a big deal

@IotaNetworksyou have two issues here.  Firstly I'd hazard a guess that the LAN port of the MX you are trying to add is in the 192.168.24.0/24 subnet, if not then you can proceed, although it will affect the ability of that MX to talk to the 192.168.24.0 network.  The second issue is that, unless you don't need to talk to the outside world, the 192.168.0.0/12 network covers the IP ranges 192.160.0.1 - 192.175.255.254, most of which are genuine public IPs and not private ones, you will not be able to access any of them so I'd fix that first!

PhilipDAth
Kind of a big deal
Kind of a big deal

Is this network part of a template?  If so go to the template.  The supernet 192.168.0.0/12 will be defined there.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels