My main subnet is 10.69.11.0/24 and my DHCP is off since we have a Windows DHCP server.
In my asa 5505, I had a vpn setup and the vpn clients used to get a DHCP IP in the range 10.69.11.220-10.69.11.253 from the ASA.
Where can I setup thin in the meraki?
Thank you
The subnet is set at the clientvpn option itself. Dhcp is provided from the mx
I don't understand your answer.
@Alain_Bensimon in the dashboard go to Security & SD-WAN - Client VPN and enable the VPN, the setting is here:
Currently I have this:
and this
I would like the VPN clients to get IP's within my main subnet.
Hi @Alain_Bensimon I don't think that is possible, the subnets need to be different to be routable
so what are my options?
I absolutely need VPN clients to get IP's within that range because we have a site to site VPN to access some programs that are located on another site, and if clients are out of that range, they are denied of entry.
Is it possible to disable the VPN client subnet and get IP's from our Windows DHCP server that already assign IP's to our local clients?
@Alain_Bensimon you could divide the existing LAN subnet in two and have half for the LAN and half for the VPN clients i.e. LAN has 10.69.11.0/25 and VPN has 10.69.11.128/25, or you could ask the other site owner to permit an extra subnet and use that for the VPN.
@cmr I thought about that, but then they will be on another vlan, and the VPN clients won't have access to the local ressources of our main Lan.
Is there any way that the meraki does not assign IP adresses to the VPN clients and let my Windows DHCP server take care of it?
I don't think so, I cannot think of any modern firewalls that allow that feature.
The ASA can provide the VPN addresses via DHCP.
back to topic: Why shouldn’t. systems on the main LAN not be able to communicate with VPN clients on a different LAN? For sure that works.