Meraki

denekez · ‎Apr 20 2022

I followed the documentation setting up the connection but the MPLS connection on WAN 2 of the MX doesn't ever say connected. Configuring Site-to-site VPN over MPLS - Cisco Meraki

Design

Data Center at HQ has a core switch with a VLAN 700,701 each have an assigned IP address on those interfaces. Have one port on this switch configured as a TRUNK port that connects to our ISP for our MPLS. Both remote sites are using this one port with 2 different vlans.

Remote Sites - First remote site has a MX and with an internet connection that is working over the Site to site VPN - WAN 1 connecting back to a VPN concentrator at HQ. On WAN2 I configured this port to have a static IP for VLAN 700. This connection never comes up.

I previously had a L3 switch at the remote site that had a trunk port with a native vlan set to 700 and an IP address assigned to the vlan 700 interface. Default route back to the HQ vlan 700 interface IP.

Am I required to still have a L3 switch on the remote side so the MX connects into a access port on the switch? Or can it connect into trunk port from the HQ going across the MPLS connection.

Ryan_Miles · ‎Apr 20 2022

Little tough to follow without a diagram. But, in general if the MX WAN interface shows as down then it means it cannot reach dashboard. Does that interface have a proper route & NAT to reach internet/dashboard?

View solution in original post

Ryan_Miles · ‎Apr 20 2022

Little tough to follow without a diagram. But, in general if the MX WAN interface shows as down then it means it cannot reach dashboard. Does that interface have a proper route & NAT to reach internet/dashboard?

denekez · ‎Apr 21 2022

I assumed it did but after thinking about it a little hard that network that I created for the interconnect isn't allowed through the firewall. I will be enabling this later today to and will report back my finding.

Meraki

Community

Site to Site VPN with MPLS as Primary Connection

Site to Site VPN with MPLS as Primary Connection