Meraki

Community

Regarding a question

Solved
SD-WAN1
Here to help
‎Feb 9 2024 2:58 AM
‎Feb 9 2024 2:58 AM

Regarding a question

Connections are made like this

 

Internet 1 - Meraki router 1 - PC1

Internet 2- Meraki router 2- PC2 

PC1 and PC2 are connected to same hub.

Now I need to know if I can ping from PC2 to PC1 and vice versa? 

 

And communication from each PC to hub shouldn't disturb.

 

Is this infra possible on Meraki ?

0 Kudos
1 Accepted Solution
alemabrahao
Kind of a big deal
‎Feb 9 2024 4:10 AM
‎Feb 9 2024 4:10 AM

If the subnet of both Spokes is enabled to participate in the VPN, they will know the route to each subnet through the Hub, and of course if you have any Firewall rules configured you need to release ICMP, otherwise it won't be a problem.
 
I didn't understand this sentence "And communication from each PC to hub shouldn't disturb."
 
You don't want communication to go through the Hub? Would it be this?
 
Another important point, often the Windows Firewall or aintvirus blocks ICMP, so if you are going to do a test, disable both.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

0 Kudos
3 Replies 3
ww
Kind of a big deal
Kind of a big deal
‎Feb 9 2024 3:03 AM
‎Feb 9 2024 3:03 AM

You have to use the statefull vpn firewall.

https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Firewall_Rule_Behavior

 

Other option is stateless fw rules using group policies . Attached to a vlan or client

0 Kudos
alemabrahao
Kind of a big deal
‎Feb 9 2024 4:10 AM
‎Feb 9 2024 4:10 AM

If the subnet of both Spokes is enabled to participate in the VPN, they will know the route to each subnet through the Hub, and of course if you have any Firewall rules configured you need to release ICMP, otherwise it won't be a problem.
 
I didn't understand this sentence "And communication from each PC to hub shouldn't disturb."
 
You don't want communication to go through the Hub? Would it be this?
 
Another important point, often the Windows Firewall or aintvirus blocks ICMP, so if you are going to do a test, disable both.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 11 2024 11:16 AM
‎Feb 11 2024 11:16 AM

>PC1 and PC2 are connected to same hub.

 

Do you mean "Meraki Router 1" and "Meraki Router 2" are connected to the same hub?  If so, then if AutoVPN is enabled on the Meraki MX devices than the PCs will be able to talk to each other.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.