Meraki

Zee9

We have a vendor we work with that needs to see our whitelisted IP when we connect to their network. We just moved over to Meraki from an ASA that had this ability. It was configured by our ISP. We want traffic destined for a specific public IP to show as coming from our VPN IP. Is this possible on the Meraki? If so, where would that be setup?

CptnCrnch

By default, an MX will do NAT and hide everything within your internal network (and Reote Access VPN) to its offical IP address on the outside interface.

So, in a nutshell - it could be working right out of the box. Don‘t know anything about your infrastructure though

Zee9

As it's setup now, and we went live on Friday night, while in the office it shows the IP address we need. While remote on VPN it shows the remote public IP. Can it show a specific IP while remote over VPN to a specific public IP? So, only traffic looking to get to the public IP of a vendor we use will show a public IP as if in the office over VPN. Hope that makes sense. We have a Meraki MX 68.

Mloraditch

If you do full tunneling on your client or anyconnect vpn it should work. If you do split tunneling this scenario is not supported by Meraki directly. It will only work if you have another firewall to route this traffic out of and thus could include the relevant static route in the client vpn.

Zee9

That's what I was afraid of. Full tunneling would mean all users on VPN always use everything on the VPN network instead of taking advantage of their own network, correct?

Mloraditch

Correct

Meraki

Community

Special Routing Over AnyConnect VPN

Special Routing Over AnyConnect VPN