hello,
just a questin regarding VPN: tunnel data to a concentrator for SSID
Layer 3 roaming with a concentrator is clear , the client is projected in the vlan directly attached to mx appliance and gets an ip from a remote DHCP
what happens when using VPN: tunnel data to a concentrator option?
(this is needed as we would like to use split tunnel )
the client still gets is IP from remote DHCP?
how is handled traffic from client leaving the AP outside the vpn?
sorry it seems I cannot find this kind of informations googling on...
thank you in advance
Solved! Go to solution.
@Gx3, wasn't sure on this one so I thought I'd let someone else respond. But obviously no-one else knew either. So I've just run in through my lab.
In split tunnel mode the client still gets the DHCP address from the remote (VPN concentrator) network.
In split tunnel mode if the traffic isn't going into the tunnel it is NATed to the management IP address.
Hope this confirms what you expected.
Hi @Gx3 Did you check the below post on VPN Concentrator Deployment Guide
https://documentation.meraki.com/MX/Deployment_Guides/VPN_Concentrator_Deployment_Guide
Regards
Inderdeep Singh
Thank you for the link but still cannot find an answer in that document
MX appliance is in passtrough mode (external dhcp)
I presume the wireless clients on ssid configured in Tunnel mode to concentrator will get ip from that dhcp
but (assuming that) how split tunnel traffic (non vpn) can be handled ? (maybe via a nat mode on the local subnet ?)
sorry if I'didn't see that information
thank you
up
hello noone can answer this?
thanks
@Gx3, wasn't sure on this one so I thought I'd let someone else respond. But obviously no-one else knew either. So I've just run in through my lab.
In split tunnel mode the client still gets the DHCP address from the remote (VPN concentrator) network.
In split tunnel mode if the traffic isn't going into the tunnel it is NATed to the management IP address.
Hope this confirms what you expected.
Yes! Thank you so much!!