Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Specific traffic through VPN Tunnel

MijanurRahman
Getting noticed
‎Feb 26 2018 4:18 AM
‎Feb 26 2018 4:18 AM

Specific traffic through VPN Tunnel

Hi Team,

I have Meraki auto-vpn deployed in three sites (three spoke sites + one hub site). We want few web URL request generating from spoke site users to be routed through the VPN tunnel and offload to hub site. Other browsing requests should be routed towards local internet lines.

Any idea how to implement this?

0 Kudos
Subscribe
6 Replies 6
Uberseehandel
Kind of a big deal
‎Feb 26 2018 4:51 AM
‎Feb 26 2018 4:51 AM

@MijanurRahman wrote:

Hi Team,

I have Meraki auto-vpn deployed in three sites (three spoke sites + one hub site). We want few web URL request generating from spoke site users to be routed through the VPN tunnel and offload to hub site. Other browsing requests should be routed towards local internet lines.

Any idea how to implement this?

Whilst what I suggest doesn't specifically answer your question, it does provide a methodology - 

I use masquerade to transparently link to specific VPN servers when a URL contains a specific address.

 

So if the device attempts to directly access, say "https://fishflix.fr" from a location in ".ie", the request is transparently routed via tunnelcritter (a VPN service) to to a server in .fr, from where fishflix.fr is located and offers a service to those accessing from within the fr regulatory domain.

Note: names have been changed to protect the innocent.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
0 Kudos
Subscribe
In response to Uberseehandel
MijanurRahman
Getting noticed
‎Feb 26 2018 5:03 AM
‎Feb 26 2018 5:03 AM

Thanks for your reply @Uberseehandel

But how to implement it in Meraki MX scenario?

0 Kudos
Subscribe
In response to MijanurRahman
Uberseehandel
Kind of a big deal
‎Feb 26 2018 5:18 AM
‎Feb 26 2018 5:18 AM

@MijanurRahman wrote:

Thanks for your reply @Uberseehandel

But how to implement it in Meraki MX scenario?

Use the hosts file on the devices

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
0 Kudos
Subscribe
In response to Uberseehandel
MijanurRahman
Getting noticed
‎Feb 26 2018 5:32 AM
‎Feb 26 2018 5:32 AM

Oh no, there are 2500+ devices per site, 99% of them are mobile users - I don't see that is doable.

0 Kudos
Subscribe
In response to MijanurRahman
Adam
Kind of a big deal
‎Feb 26 2018 6:15 AM
‎Feb 26 2018 6:15 AM

You should be able to create a route under Security Appliance>Addressing & Vlans>Add Static Route

 

Then create a route to the websites you desire and route it through your hub site. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
0 Kudos
Subscribe
In response to Adam
Uberseehandel
Kind of a big deal
‎Feb 26 2018 6:58 AM
‎Feb 26 2018 6:58 AM

If you have a policy server, controlling the hosts file is simple - you can use Group Policy Preferences to copy the hosts file

 

GPMC - Computer Configuration - Preferences - Windows Settings - Files

'Replace' from a network share to %SystemDir%\drivers\etc\hosts

The if you need to add/remove websites at some point in the future, you only need edit the hosts file on the network share and it will be copied over the hosts file on each client.

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.