Meraki

Community

Site 2 Site VPN one way traffic

garrd5017
New here
‎Feb 2 2024 8:30 AM
‎Feb 2 2024 8:30 AM

Site 2 Site VPN one way traffic

I have established a VPN connection from between an MX67 and Third Party firewall. 

computers behind the third party firewall can ping computers behind the MX67.

The computers behind the MX67 can't ping devices behind the third party firewall.

It looks like at NAT issue to me but I can't find anywhere to configure the NAT on the MX67.

 

Any help would be appreciated.

 

Thanks

David 

Labels:
0 Kudos
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 2 2024 8:46 AM
‎Feb 2 2024 8:46 AM

How did you come to the conclusion that it is a NAT problem? It is more likely that ICMP is blocked on the other end.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 2 2024 8:48 AM
‎Feb 2 2024 8:48 AM

One more piece of information, it is not possible to configure NAT for a non-Meraki VPN, only for SD-WAN and support must be requested to enable the feature.

 

alemabrahao_0-1706892471826.png

https://documentation.meraki.com/MX/Site-to-site_VPN/Using_Site-to-site_VPN_Translation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.