Site-to-Site VPN subnet translation for multiple VPNs

Solved
WimC

Hi,

This might be a stupid question as I'm not all that well versed in more complex networking and Meraki.

Situation:

We have a (hard) requirement from a vendor to connect to their appliance via a local subnet IP. 

These appliances will be installed at multiple locations behind (MX to MX) Site-to-Site VPNs.

All sites have a different subnet so there isn't any overlapping.

We already had Meraki support activate "IPv4 VPN subnet translation" for our company.

Problem:

We can successfully do a single "local subnet to VPN subnet" translation using the "IPv4 VPN subnet translation" feature but will need to do more translations in the future as more sites will be added. This feature only seems to allow a single entry per local subnet (and also not per remote subnet so there might be some extra issues there where it will also be translated on the other VPN sites where it shouldn't.)

 

Example connection (client <> appliance):

192.168.0.5 (translated to 10.0.0.5) <-S2S VPN#1-> 10.0.0.9/24
192.168.0.5 (translated to 10.0.1.5) <-S2S VPN#2-> 10.0.1.9/24

 

Is this even possible on Meraki?

 

Kind regards,

Wim

1 Accepted Solution
alemabrahao

Unfortunately not, for now this is the option that Meraki offers.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.


I'm sad to hear that. 😕

Guess we'll just put an EdgeRouter in the VPN networks and NAT on there, as a second MX for just NATing would be overkill. 

 

I also asked support in parallel and they gave me the same answer. 
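
The per-VPN mapping asked about in this thread, modelled as an added example (it is not part of any post and is not Meraki or EdgeRouter configuration): a 1:1 subnet translation whose rule is selected by source and destination, so the same client leaves with a different address per tunnel. The rule table and function names are hypothetical; the addresses are the ones from the question.

```python
import ipaddress

# Constructed policy table using the addresses from the question:
# (client subnet, appliance subnet behind the VPN, subnet the client is translated into)
RULES = [
    ("192.168.0.0/24", "10.0.0.0/24", "10.0.0.0/24"),  # S2S VPN#1
    ("192.168.0.0/24", "10.0.1.0/24", "10.0.1.0/24"),  # S2S VPN#2
]

def _nets(rules):
    return [tuple(ipaddress.ip_network(n) for n in rule) for rule in rules]

def _remap(addr, old_net, new_net):
    """Keep the host bits of addr, swap the network bits (1:1 subnet translation)."""
    if old_net.prefixlen != new_net.prefixlen:
        raise ValueError("1:1 translation needs equal prefix lengths")
    host_bits = int(addr) & int(old_net.hostmask)
    return ipaddress.ip_address(int(new_net.network_address) | host_bits)

def translate_source(src, dst, rules=RULES):
    """Outbound: pick the rule by source AND destination, then rewrite the source."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    hits = [r for r in _nets(rules) if src in r[0] and dst in r[1]]
    if not hits:
        return str(src)  # no policy for this flow: leave it untranslated
    local, remote, mapped = max(hits, key=lambda r: r[1].prefixlen)
    new_src = _remap(src, local, mapped)
    if new_src == dst:
        raise ValueError(f"{src} would be translated onto the appliance address {dst}")
    return str(new_src)

def restore_destination(peer, dst, rules=RULES):
    """Return traffic: the appliance replies to the translated address; map it back."""
    peer, dst = ipaddress.ip_address(peer), ipaddress.ip_address(dst)
    for local, remote, mapped in _nets(rules):
        if peer in remote and dst in mapped:
            return str(_remap(dst, mapped, local))
    return str(dst)

if __name__ == "__main__":
    for appliance in ("10.0.0.9", "10.0.1.9"):
        print("192.168.0.5 ->", appliance, "leaves as", translate_source("192.168.0.5", appliance))
```

Because the translated range here is the appliance's own subnet, a client whose host part matches the appliance's would be mapped onto the appliance address; the function rejects that case instead of translating it.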
