Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Sending Specific VLAN traffic over Site to Site VPN

Solved
trunolimit
Building a reputation
‎Jul 1 2020 12:22 PM
‎Jul 1 2020 12:22 PM

Sending Specific VLAN traffic over Site to Site VPN

I want to send all traffic on VLAN 99 in Site A over the site to site VPN to Site B. Even internet traffic so it looks like VLAN 99 is coming in and out of Site B.

 

Is this default Site to Site VPN behavior? Or do I have to do something special to make this happen? 

 

Use case is Site A is in Europe and Site B is in USA. We wan't all devices on VLAN 99 to look like they are in the USA

0 Kudos
Subscribe
1 Accepted Solution
In response to cmr
trunolimit
Building a reputation
‎Jul 1 2020 4:22 PM
‎Jul 1 2020 4:22 PM

"Create each subnet on site B separately with separate VLANs"

 

I don't understand this. Is there more than 1 way to create a subnet and VLAN? Or does this just mean I need to have more than a single subnet and VLAN in the network? Because that's a given.

 

"Only include VLAN99s subnet in the SD-WAN and have the default gateway of VLAN99 as the MX,"

 

Which MX? Site A or Site B? VLAN99 only exists in Site A and I have included only that in the SD-WAN VPN. Is this correct bellow?

 

trunolimit_0-1593645449941.png

"other VLANs have interfaces on site L3 switching"

 

You lost me here. Why do I need to turn on L3 switching? I've never dealt with L3 switching on meraki. The last time I dealt with L3 switching was on a cisco catalyst years ago.

 

"Have site B as a spoke with default gateway as site A"

 

Is that the checkbox on the Site to Site VPN page?

trunolimit_1-1593645738207.png

 

I appreciate the help.

 

View solution in original post

0 Kudos
Subscribe
5 Replies 5
cmr
Kind of a big deal
Kind of a big deal
‎Jul 1 2020 1:32 PM
‎Jul 1 2020 1:32 PM

Create each subnet on site B separately with separate VLANs

 

Only include VLAN99s subnet in the SD-WAN and have the default gateway of VLAN99 as the MX, other VLANs have interfaces on site L3 switching

 

Have site B as a spoke with default gateway as site A

 

All traffic from B should go to A including internet as VLAN 99 only knows what site A tells it about over the SD-WAN

Subscribe
In response to cmr
cmr
Kind of a big deal
Kind of a big deal
‎Jul 1 2020 1:36 PM
‎Jul 1 2020 1:36 PM

It would probably work with all VLAN interfaces on MX as long as the other VLAN subnets are not included in the SD-WAN, though unless VLAN99 needs to talk to other site B VLANs I'd go with VLAN interfaces on a L3 switch for the rest.

0 Kudos
Subscribe
In response to cmr
trunolimit
Building a reputation
‎Jul 1 2020 4:12 PM
‎Jul 1 2020 4:12 PM

Question: What does the Default route check box do?

trunolimit_0-1593645010636.png

Also since checking that box I now have two default routes. What are the consequences of that?

 

trunolimit_1-1593645132235.png

 

Subscribe
In response to cmr
trunolimit
Building a reputation
‎Jul 1 2020 4:22 PM
‎Jul 1 2020 4:22 PM

"Create each subnet on site B separately with separate VLANs"

 

I don't understand this. Is there more than 1 way to create a subnet and VLAN? Or does this just mean I need to have more than a single subnet and VLAN in the network? Because that's a given.

 

"Only include VLAN99s subnet in the SD-WAN and have the default gateway of VLAN99 as the MX,"

 

Which MX? Site A or Site B? VLAN99 only exists in Site A and I have included only that in the SD-WAN VPN. Is this correct bellow?

 

trunolimit_0-1593645449941.png

"other VLANs have interfaces on site L3 switching"

 

You lost me here. Why do I need to turn on L3 switching? I've never dealt with L3 switching on meraki. The last time I dealt with L3 switching was on a cisco catalyst years ago.

 

"Have site B as a spoke with default gateway as site A"

 

Is that the checkbox on the Site to Site VPN page?

trunolimit_1-1593645738207.png

 

I appreciate the help.

 

0 Kudos
Subscribe
In response to trunolimit
trunolimit
Building a reputation
‎Jul 2 2020 8:35 AM
‎Jul 2 2020 8:35 AM

So this actually turned out to be super simple. That "default route" checkbox was the key.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.