cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Site to Site VPN tunnel to one computer

Highlighted
Conversationalist

Site to Site VPN tunnel to one computer

Hi Everyone,

I've got a client who needs to set up a site-to-site tunnel that only allows access to one computer.  I haven't done much work with Meraki, so I figured I'd do a quick sanity check to validate a few things

- The other endpoint is not a Meraki, so I assume I'd be configuring this under "Non-Meraki VPN Peers"

- I would be using a /32 in the Private Subnets

- I would be choosing "No Networks" in the Availability so that this tunnel wouldn't be created on other Merakis in the organization

Is there anything I'm missing or misunderstanding?

Thanks!

 

 

2 REPLIES 2
Highlighted
Building a reputation

Re: Site to Site VPN tunnel to one computer

Hi there,

 

I think what you are proposing should work OK, if you wanted to be safe, you could also create a firewall rule to block all traffic to the VPN subnet from all other networks / vLANs - just "belt and braces"

 

Although reading your post again, why not keep life simple and use client VPN ?

 

Regards

 

Gary

CTO & Solutioneer
CMNA, CMNO
SNSA, SNSP
Highlighted
Kind of a big deal

Re: Site to Site VPN tunnel to one computer

You won't be able to do this.  For the source encryption domain on the Meraki side you can only select whole subnets.

 

You'll need to tag the network and then apply the non-Meraki VPN to that tag.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.