I have established a VPN tunnel to enable the establishment of a connection between these centers. They are in different organizations. People in the organization must have access to resources (DNS server, etc.) on CPD. I think the only way is to migrate the center to my organization. Am I righth ?
You have two Orgs connected with VPN to each other and want to use resources like DNS from Org A in org B, correct?
If you used Site-toSite-VPN you configure the remote site subnets and there has to be the subnets which are necessary. Afterwards the DNS server is reachable from the remote site. Keep in mind you may have to allow this communication in a third party firewall if you have one.
Hi @MarcP I spoke yesterday to the IT responsible of other organization if we can to add VPN tunnel the networks for reach CPD dns server for example
He reply this:
You can only Tunnel to the subnets in each individual site with Meraki 3rd party site to site. You cannot route traffic from other networks through a single network's tunnel in a 3rd party VPN. It's a limitation with Meraki.
The only way around making a ton of different tunnels to cover this would be to move the networks into the same organization. like 1
Before we get started, please review and acknowledge the following items:
Our internal tool can split out existing Dashboard Networks into new Dashboard Organizations (DOs). The tool cannot place devices and licensing from one DO into another existing DO. This is a security policy -- we cannot copy information into existing organizations.
The Users List is not copied into the new Organization (This is used for Client VPN and SSID authorization).
Each new organization will have its own expiration date for licenses. Unless the licenses are evenly split out, these dates will likely vary.
The process is not reversible.
The following cannot be split:
Systems Manager networks
Config templates cannot be split
Config template children cannot be split
Wireless networks that have used billing at any point (and thus have Configure > Billing payout) are tied to the org, and cannot be split??
(If using an MX for Auto VPN to another MX in the current DO) Please note that Auto VPN is currently only for Meraki security devices in the same DO. Security appliances that were once connected via Auto VPN must be connected as third-party peers after the split (See: Configuring Site-to-Site VPN).
You may receive multiple emails in regards to license problems while Cisco Meraki Support is moving license keys.
There may be some new DOs that need additional licenses because of expired license keys."
Historical data usage is not transferred (including event, and changelog entries)
Any pending action batches will not be copied to the new organization and pending action batches involving networks split into the new organization will likely fail.