Hello.
We have a MX100 on one end and a MX 84 at another location. At the present time these 2 sites are NOT configured for a site to site VPN. However, we DO want to create a site to site connection but NOT over the primary WAN connection (not yet). Here is the situation. The (2) sites have a unique configuration where they have a site to site WIRELESS bridge solution from a local wireless internet service provider. Basically, they can connect the devices on both ends to their switches and traffic will pass between the (2) sites. It is really like have a super long cable connecting the (2) sites. The devices that terminates this wireless setup are simple Layer 2 devices. However, we want to plug this layer 2 device into port (2) on each MX appliance and configure a VPN (maybe? see below). We want to route traffic over that pipe as if it is a VPN using the traditional method where you have publicly routed static IP addresses assigned. However, since these devices are layer 2 there are no IP addresses assigned. The wireless internet provider says we simply need to assign a private /30 block to the layer 3 device (Meraki) and we can accomplish this goal. However, I have not tried this yet.
Will the Meraki appliance allow me to setup a "Direct" static connection in the "Internet" zone using "Private" IP addresses like 10.0.0.x/24? This is basically similar to what you might setup for an intranet router configuration.
Can the Meraki be configured in this type of configuration with the Zone being "Internet"?
I could scrap the entire VPN idea all together and just configure port (2) with a private /30 address and setup routing rules to handle the traffic. However, if I eventually do decide to setup the existing connections on WAN1 as a point to point VPN can I accomplish WAN failover in the event that one pipe goes down? So basically if this wireless bridge thing goes down can the Meraki failover to a point to point VPN configured on the WAN1 port?
Thanks for any info