Hi all,
I know we can establish a VPN with a non-Meraki VPN peer i.e. One side Meraki MX and other peer/side a non-meraki VPN peer. Now as per the dashboard, we have to enter public IP of the non-Meraki VPN Peer. In my scenario, I have to establish a VPN with a non-Meraki VPN peer on Private IP address.
So, can we add a non-Meraki VPN peer with a Private IP address?
Solved! Go to solution.
Yes, It,s possible, however there are some configurations that you have to follow.
Follow these recommendations:
Security & SD-WAN -> Configure: Site-to-site VPN -> Non Meraki VPN settings:
Over Remote ID set your private IP and probably It will work.
And you have to send a ICMP packet to the tunnel establish.
Are both devices within the same site/network?
If so, I'm not quite sure why you would want to do this as opposed to just l3 routing.
If not, you'll need to port forward the appropriate IPsec ports on the internet facing device to the private IP of the non Meraki peer.
Bro we have a P2P connection b/w two sites, established by the govt-ISP. Now we want to setup VPN tunnel on top of that p2p connection. Its govt. project and thats how they want it.
I have setup a lab with an MX and a cisco router but in Meraki dashboard I am getting fips disabled error on event log
Yes, It,s possible, however there are some configurations that you have to follow.
Follow these recommendations:
Security & SD-WAN -> Configure: Site-to-site VPN -> Non Meraki VPN settings:
Over Remote ID set your private IP and probably It will work.
And you have to send a ICMP packet to the tunnel establish.
Oh really.. I thought its not possible. Let me try with these settings. I will revert. Thanks once again.
OMG my cisco routers 2600 only supports up to group 5 and no more. Its the router I am using in LAB. Now what other options do I have to test an IPSec VPN apart from my old cisco 2600. Can I set it up with the Windows server. On one end I have MX95 and I have to test IPSec VPN IKEv2 on any other device. I was testing it on 2600. But it seems that is too old now. Any suggestions?
You can test on Linux server with strongswan.