Meraki

Holli69 · ‎Nov 16 2021

Hi,

we have 2 Organisations, one with MX100, the other one with MX450. We want to build a VPN tunnel between the 2 Orgas.

As I know, AutoVPN isn't working, only configuration like a non-Meraki VPN.

Has anyone experience with this configuration ?

1) How stable is the VPN tunnel ?

2) Is this config possible with IKEv2 instead of IKEv1, transfering 3 Subnets within the tunnel ?

We like to go with IKEv2 if this is possible ?

CptnCrnch · ‎Nov 16 2021

1) Stable enough for production use. Guess this will be the most accurate answer you'll get.

2) Yeah, IKEv2 is completely supported since 15.2.

Please take a look at the note mentioned on Site-to-Site VPN Settings - Cisco Meraki:

"When configuring NMVPN connections between 2 MXs in different organizations that are running MX15 code and above that are not using a UserFQDN and are NATed behind an upstream device, please ensure that the remote ID field of the NMVPN peer is filled out with the private IP address of the remote NATed MX."

View solution in original post

CptnCrnch · ‎Nov 16 2021

1) Stable enough for production use. Guess this will be the most accurate answer you'll get.

2) Yeah, IKEv2 is completely supported since 15.2.

Please take a look at the note mentioned on Site-to-Site VPN Settings - Cisco Meraki:

"When configuring NMVPN connections between 2 MXs in different organizations that are running MX15 code and above that are not using a UserFQDN and are NATed behind an upstream device, please ensure that the remote ID field of the NMVPN peer is filled out with the private IP address of the remote NATed MX."

Holli69 · ‎Nov 17 2021

@CptnCrnch

Many thanks for your reply. Is Site-to-Site VPN with IKEv2 possible with more than 1 Subnet (e.g. 3-4 Subnets)

Meraki

Community

Two different Organisations with two MX

Two different Organisations with two MX