Meraki Community

Jpoljic · ‎Oct 30 2018

Hi,

I have small issue with MX > auto VPN > vMX > Ipsec > AWS

I have in MX 10.196.0.0/20 , In vMX 10.3.0.0/20 and in AWS 192.168.0.0/16

From MX Im able to reach vMX network but not able to reach Native AWS Site to site 192.168.0.0/16

In VMX I have created local subnet 10.30.0.0/20 and when trying to ping 192.168.0.22 My Ping coming from the MX 10.196.0.0/20 but route back is using default route and send traffic out via default route.

Im looking for 2 solution.

1. How to back route from AWS 192.168.0.0/16 via VMX to MX.

2. How to deploy Native AWS S2S to vMX and this config not deploy to MX, then create new Native AWS S2S to MX100. This is not possible because configuration for S2S is deployed automatically to all organization firewalls and I have overlapping subnets 192.168.0.0/16 if try to create MX > AWS AND vMX > AWS .

PhilipDAth · ‎Oct 30 2018

If you are using a vMX in AWS - why would you want to use a seperate VPN?

Jpoljic · ‎Oct 30 2018

vMX is in different AWS environment and 192.168.0.0/16 is in another AWS environment.

vMX - AWS A

192.168.0.0/ - AWS B

No VPC peering between AWS A and AWS B

PhilipDAth · ‎Oct 30 2018

Non-meraki VPN routes can not be distributed via AutoVPN.

So you would need to build a VPN from the 192.168.0.0/16 AWS environment to both the vMX and the on-premise MX.

Meraki Community

Site to Site VPN MX > VMX > AWS

Site to Site VPN MX > VMX > AWS