Site-Site VPN tunnels

Darian
Here to help

Site-Site VPN tunnels

Hello, 

 

We have a vendor that will be using our site-site so that they can use our Public IP to access whitelisted sites. Is there anyway to make it so traffic coming from that VPN goes to a specific public IP on our MX? Kinda like 1:1 NAT but for a VPN connection. 

5 REPLIES 5
Inderdeep
Kind of a big deal
Kind of a big deal

@Darian : Check this out 

https://documentation.meraki.com/MX/Site-to-site_VPN/Using_Site-to-site_VPN_Translation

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com

Thank you for looking but the document says it is only intended for auto-vpn and not for non-meraki peers which is what our vendor has (we believe a fortinet)

KarstenI
Kind of a big deal
Kind of a big deal

My standpoint is always to avoid NAT if there is a different way to achieve a solution. Here, I would just place a Proxy and/or a jump-host into a DMZ and use this system to access the internet.

ww
Kind of a big deal
Kind of a big deal

Other option could be to use flow preferences  to push al your local vlans to use wan2.  And traffic from the vpn will use wan1 

PhilipDAth
Kind of a big deal
Kind of a big deal

Are we talking about a non-Meraki site to site VPN here?  If so, the answer is no.

 

You could deploy a proxy server (on a machine in your office), like the famous and free Squid, and let them use that though.

http://www.squid-cache.org/ 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels