Hi - I am quite new to Meraki devices and looking for some advice/help here.
I have a non-meraki VPN peer on my MX100, which I have to use to forward any traffic from a specific wireless SSID.
As of now I have 3 different Wireless SSIDs available on my device and using default route to WAN1 (ISP). Now I have to create an additional SSID (e.g. Test_Network) and VLAN associated with this SSID will use a separate private subnet (e.g. 172.16.x.x/23).
I want to route all the traffic from this subnet to my non-meraki peer VPN and this traffic should not follow WAN1. Also there should not be any impact or change to my existing wireless SSIDs.
Is this a possibility in MX100 ?
Solved! Go to solution.
Guess this would be possible to do by ACL in Firewall rules 🙂
But what about normal internet usage you dont want to use WAN1?
Thank you LasseBang for your reply.
Actually it is to bisect the Internet Usage for a group of users. There is one Corporate SSID which will keep using the Native Internet using local ISP.
And this new SSID will be used forward the Internet or any traffic to a separate Internet gateway location using the VPN
I hope I am clear in my question.
Thank you for the quick responses.
And yes you are right wanted to tunneled all the traffic for a specific VLAN or SSID.. will try to look for some other solution.
Thank you again 🙂
@LasseBang is correct. There's no way to do what you're asking with a Non-Meraki VPN.
If you have no other VPNs of any kind, then you should be able to do this by including just the VLAN that has the source traffic (and it will need to be dedicated for this) and specifying a remote encryption domain of 0.0.0.0/0.