Unable to apply static route

ITNetworker

We currently have a setup where our remote sites are coming into the Meraki 10.100.116.13 via the S2S tunnels. We also have an ASA firewall 10.100.116.5 on the same subnet. The problem is with our servers.

We have 2 ingress points for each server:

Traffic egressing from sites using the Meraki VPN
Traffic leveraging the current Default Gateway for the environment which is the Cisco ASA

In order for the traffic to route correctly back to the Meraki Sites, static routes are required on each of the servers in the environment that will require the return routes to those sites through the Meraki MX. Adding the routes can be made on any new server deployment to ensure that availability is always available to those Meraki VPN Sites. Whilst this may work for several servers, it's not manageable long term.

At the moment we are seeing traffic come into the Meraki > Server > ASA and then dropped as the ASA does not know where the traffic originated (without static route on server).

We would like to route traffic from a test server and at a later date the entire server subnet from the Meraki > ASA > Server > ASA > Meraki. To do this I believe we will need a static route on the Meraki...


I have attached an image to show the end goal we require.

When applying the static route I am getting the error below

alemabrahao

The route is overlapping your default VLAN interface. You need to use another subnet.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Hi alemabrahao,

Thanks for the reply.

Would the default subnet of 10.100.0.0/16 need amending to be more specific so as not to capture the traffic for 10.100.116.X?

I assume I would need to create all VLANs on the Meraki instead of using a /16 and pointing it all to the gateway..

Creating each separate subnet will not work, host 10.100.116.159/32. It cannot belong to any of the subinterfaces created in MX, so it is necessary to use another subnet.

As in re-ip the server not to be in 10.100.X.X..?

Or you can create another subnet between the MX and the ASA to do.

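
A pre-check for the overlap discussed in the replies above, as an added example that is not part of the original thread and is not Meraki's own validation logic. The 10.100.116.0/24 VLAN and the 192.0.2.0/30 transit subnet are constructed values, and the rule that the next hop must sit on a local VLAN is an assumption of this sketch.

```python
import ipaddress

def check_static_route(local_vlans, destination, next_hop):
    """Return the reasons a static route conflicts with the MX's local VLANs.

    local_vlans: dict of VLAN name -> CIDR configured on the MX.
    An empty list means no conflict was found.
    """
    dest = ipaddress.ip_network(destination)
    hop = ipaddress.ip_address(next_hop)
    vlans = {name: ipaddress.ip_network(cidr) for name, cidr in local_vlans.items()}
    problems = []
    # The condition named in the thread: the route falls inside a subnet
    # the MX already owns as a VLAN interface.
    for name, net in vlans.items():
        if dest.overlaps(net):
            problems.append(f"{dest} overlaps local VLAN {name} ({net})")
    # Assumption of this sketch: the next hop must be directly reachable
    # on one of the local VLANs.
    if not any(hop in net for net in vlans.values()):
        problems.append(f"next hop {hop} is not on any local VLAN")
    return problems

# Values from the thread: /16 default VLAN, host route via the ASA.
THREAD_VLANS = {"default": "10.100.0.0/16"}
HOST_ROUTE = ("10.100.116.159/32", "10.100.116.5")

# Constructed: the /16 split into per-subnet VLANs, as asked in the thread.
# The host route still sits inside the VLAN that contains the server.
PER_SUBNET_VLANS = {"servers": "10.100.116.0/24"}

# Constructed: a separate subnet between the MX and the ASA
# (192.0.2.0/30 is a documentation range; 192.0.2.2 stands in for the ASA).
TRANSIT_VLANS = {"transit": "192.0.2.0/30"}
TRANSIT_ROUTE = ("10.100.116.159/32", "192.0.2.2")

if __name__ == "__main__":
    cases = [
        ("thread config", THREAD_VLANS, HOST_ROUTE),
        ("per-subnet VLANs", PER_SUBNET_VLANS, HOST_ROUTE),
        ("transit subnet", TRANSIT_VLANS, TRANSIT_ROUTE),
    ]
    for label, vlans, (dest, hop) in cases:
        print(label, "->", check_static_route(vlans, dest, hop) or "no conflict")
```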