Looking for more info on setting up the above.
I have 1 main MX serving multiple smaller MX'es in china. All on China Portal.
Now I'm trying to establish a VPN between the main MX and a VMX e.g. Azure in Australia.
I believe Auto VPN is out the question, since its not on the same portal.
Hence, correct me if wrong but the only way to setup is by using the Non-Meraki VPN peers option. Is that right?
If they're in different organizations, yes, but particularly I've never tried to establish a Non-Meraki VPN between two MXes, I don't know if that would work.
Because the MXes in China and the one in Azure are in different organizations, you are totally right - Non-Meraki VPN would be the solution. This is working fine, it is just some considerations that you need to have in mind.
1. The non-meraki VPN will use standard VPN ports 500 and 4500. Those might be blocked by Chinese provider or Great Firewall.
2. Using AutoVPN should bypass the Great Firewall, because of the high ports which are usually not blocked.
3. Any of those solutions might break the law.
Thanks for the sharing.
About point 3, wouldn't the solution (non-meraki VPN) be 'within the law' as long as the data are used only for internal data exchange and office use.
https://documentation.meraki.com/General_Administration/Support/Information_for_Users_in_China
Hi,
I wonder how did you end up connecting them? Did non-meraki VPN work? Thanks
When setting up Non-Meraki VPN connections between two MXs in different organizations, make sure to populate the Remote ID field of the Non-Meraki VPN peer with the private IP address of the remote MX if all of the following conditions are met:
The MXs are running firmware version MX 15 or higher.
They do not use a User FQDN.
They are connected behind an upstream NAT device.
Anything that uses locally provided Internet will face interruptions.
You will need to consider Non Internet as medium to establish the connection between China & Global.
https://documentation.meraki.com/General_Administration/Support/Information_for_Users_in_China#ntegr...