Site to Site VPN advice needed

SOLVED
monroeatc
Comes here often

Site to Site VPN advice needed

Hi, new to Meraki. 

 

We have a client expanding from 2 to 3 locations, with the newest location designated to be the HQ. We have the added benefit of supporting all 3 locations, and upgrading each location with new Meraki equipment. We have an MX100 at the HQ, and MX68 at each of the other 2 locations. HQ has 50 users, but planning to increase up to 250 soon. The other two locations have fewer than 50 users, with no plans to increase. HQ will be running a Windows server application, all sites need to access. 

 

My question, since we have the ability to dictate local subnets, what is the best practice and/or common configuration for this site to site vpn, knowing the number of users and equipment in play?

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

Lucky for you, with all sites being Meraki, you can simply use AutoVPN.

 

I quite like assigning /22's supernets to office locations.  They lets you have up to 4 x /24's subnets per site. Sample uses for them are:

* Servers

* Workstations

* VoIP

* Internet WiFi

Even if you only need a single /24 now, it's nice being able to accomodate changes without a big renumbering.

 

 

View solution in original post

2 REPLIES 2
PhilipDAth
Kind of a big deal
Kind of a big deal

Lucky for you, with all sites being Meraki, you can simply use AutoVPN.

 

I quite like assigning /22's supernets to office locations.  They lets you have up to 4 x /24's subnets per site. Sample uses for them are:

* Servers

* Workstations

* VoIP

* Internet WiFi

Even if you only need a single /24 now, it's nice being able to accomodate changes without a big renumbering.

 

 

Thanks! i apologize for the late response. This was exactly what i was looking for. We configured it this way...exactly how you put it. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels