- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
multiple offices site-to-site from one office needs to be allowed to send traffic from the other
Ok, I am going to pair this down to make it easier to understand and explain. Client has multiple sites, but lets just say 2 a office and a data center cause that is all this involved Data Center will be DC , Office will be OFC and 3rd party.
So the Servers at the clients DC have a Site to site on the MX to a 3rd party network, Some of the office staff do not use the servers to interact with the 3rd party network. so the network kind of looks like this
DC-<->Site2Site<->Office
DC<->Site2Site <->3rd party
DC<-> Client VPN Resides here
When users are using the Client VPN, the have complete access to everything on the server and the 3rd party
When in the office, they have access to everything in the DC, but can not reach the 3rd Party
I Would rather if at all possible not setup another 3rd Party network site-to-site to the office network, just for a couple of people, but, if thats the last resort.. I will.. Just trying to find if I can just adjust some rules, or routing and get that to work?
Solved! Go to solution.
- Labels:
-
3rd Party VPN
-
ACLs
-
Client VPN
-
Firewall
-
Other
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The MX will not route between non-meraki vpn peers and auto-vpn peers as described here: https://documentation.meraki.com/MX/Networks_and_Routing/MX_Routing_Behavior#AutoVPN_and_Non-Meraki_...
If I am understanding correctly, you have a non-meraki site2site vpn connection between the datacenter and the 3rd party, and then you're using Auto VPN or another non-meraki vpn s2s from the datacenter to the office.
Either way, unfortunately, you'll need to create another site-to-site vpn connection between the office and 3rd party network.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The MX will not route between non-meraki vpn peers and auto-vpn peers as described here: https://documentation.meraki.com/MX/Networks_and_Routing/MX_Routing_Behavior#AutoVPN_and_Non-Meraki_...
If I am understanding correctly, you have a non-meraki site2site vpn connection between the datacenter and the 3rd party, and then you're using Auto VPN or another non-meraki vpn s2s from the datacenter to the office.
Either way, unfortunately, you'll need to create another site-to-site vpn connection between the office and 3rd party network.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The @JonathanSwitch is right.
Please, if this post was useful, leave your kudos and mark it as solved.
![](/skins/images/BA03AD7B95353A00DC47083EDDA5D825/responsive_peak/images/icon_anonymous_message.png)