Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

forward traffic from site 1 to site 2 over non-meraki s2s VPN (initiated from interent)

Solved
Jeremy_h
New here
‎Aug 25 2021 4:35 PM
‎Aug 25 2021 4:35 PM

forward traffic from site 1 to site 2 over non-meraki s2s VPN (initiated from interent)

Hi, i have a conundrum, I have a client who is currently setup in a home office with an SD-WAN to his fixed office, in this setup, an external provider connects to the fixed office service and the meraki can route/portfoward traffic to the remote site however he wants to bring his business over to our company and we are not willing to add his home office network in to our organisation which from my view means his connection option is limited to a non-meraki s2s VPN setup. 

I need to know (if its possible) how to connect:

"3rd party external initiated connection - site 1 office internet - port forward traffic over s2s to site 2 - connected to application server"

Is this possible with the meraki? i'm a total networking newbie and am investigating external support for this but just need to know if it is possible with the meraki devices to provide a solution like this as it dosn't seem so. 

Hopefully that makes enough sense?

Thanks in advance. 

Labels:
0 Kudos
Subscribe
1 Accepted Solution
In response to Jeremy_h
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 25 2021 6:12 PM
‎Aug 25 2021 6:12 PM

No.

View solution in original post

Subscribe
4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 25 2021 5:46 PM
‎Aug 25 2021 5:46 PM

You can not forward traffic that has come in over AutoVPN from an SDWAN branch back out a Non-Meraki site to site VPN.

 

You would need to build a non-Meraki VPN directly to the users home.

Subscribe
In response to PhilipDAth
Jeremy_h
New here
‎Aug 25 2021 5:49 PM
‎Aug 25 2021 5:49 PM

Hi PhilipDAth, thanks yes we are not going to continue with the AutoVPN, so it will be Non-Meraki S2S VPN but i cant see how we can forward traffic that has come in over the internet interface of site 1 to the lan of site 2 via the Non-Meraki S2S VPN, would that be possible? 

0 Kudos
Subscribe
In response to Jeremy_h
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 25 2021 6:12 PM
‎Aug 25 2021 6:12 PM

No.

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 25 2021 5:48 PM
‎Aug 25 2021 5:48 PM

It would be easier to get the customer to buy a little Meraki Z3 to go at your office and hang it off an interface on your existing firewall (in VPN concentrator mode).

https://meraki.cisco.com/product/security-sd-wan/teleworker/z3/

 

You can then create whatever firewall rules you like to allow them to access whatever.  You would add static routes on your firewall via the Z3 for their remote subnets.

https://documentation.meraki.com/MX/Deployment_Guides/VPN_Concentrator_Deployment_Guide 

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.