Meraki

Unexus · ‎Dec 27 2023

I have a MX67

Site-to-Site VPN to Azure VPN

VLAN1 192.168.1.0/24

When connected with remote client I can connect over Azure VPN to 192.168.1.x (MX67) and another HTTP(S) accessibel device in the local network.

In VLAN1 also a SOPHOS RED is connected, that creates a VPN tunnel to another site (192.168.70.0)

Connection to 192.168.70.0 is created via a static route via 192.168.1.1

When in local LAN we can connect to 192.168.70.0 (route table in MX shows 192.168.1.1 as next hop)

When remote we cannot connect ot 192.168.70.0 anymore. Traffic gets lost somewhre in MX.

When we make a wireshark trace in MX, we see trafic coming from Azure VPN clients to 192.168.70.0 but then no further traffice anymore.

I expect I need to make a route FROM Azure VPN Clients (10.99.2.0) to 192.168.70.0 via 192.168.1.1 but cannot figure out where to create that.

Anyone a suggestion?

Regards,
Frederik

alemabrahao · ‎Dec 27 2023

Unfortunately it is not possible to route a non-Meraki VPN within SD-WAN. The best option you have is to have a vMX within Azure and use SD-WAN instead of a non-Meraki VPN.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

alemabrahao · ‎Dec 27 2023

Unfortunately it is not possible to route a non-Meraki VPN within SD-WAN. The best option you have is to have a vMX within Azure and use SD-WAN instead of a non-Meraki VPN.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

(Re)Routing via MS67

(Re)Routing via MS67