Meraki

Community
  • About Gnana

About Gnana

Re: Isloating traffic between two IPSEC VPNs (Non-Meraki Peers)

by in Security & SD-WAN
9 hours ago
9 hours ago
Hi @Mloraditch Thank you so much for the response.    Can we atleast block the traffic destined for one VPN from going into another using S2S VPN Firewall feature? My filtering logic as below. Source (Subnets accessing Azure application)- Destination (Azure hosts)- Permit Source (Subnets accessing Azure application)- Destination (any)- Deny Source (Guest VPN subnet)-Destination (Azure hosts)- Deny Source (Guest VPN subnet)-Destination (Any)- Permit   Basically i put more specific traffic higher in the rule order and more generic traffic lower. I am hoping this will block the unwanted traffic at the source, before it enters the tunnel. Will this arrangement work? ... View more

Isloating traffic between two IPSEC VPNs (Non-Meraki Peers)

by in Security & SD-WAN
15 hours ago
15 hours ago
Dear all,   We need to enable two IPSEC VPNs (different non-Meraki Peers) in many of the branch sites. One VPN is towards hosts in Azure, which is used by industrial applications. The other tunnel is built with Zscaler Internet access peer, which will be used for Guest wifi. For the ZIA VPN, the destination private subnet is 0.0.0.0. There is no option to specify a unique destination private subnet as confirmed by Zscaler. In this scenario, how can we ensure traffic destined for one VPN doesn't gets allowed in another VPN? Is it possible to specify which network subnets can participate in which VPN? Below is the screenshot of the VPN config.   Thanks for your time.   Gnana. ... View more
© 2025 Cisco Systems, Inc.