I fully agree. Ther Meraki VPN tunels to 3rd party peers leaves a lot to be desired. (No backup peer IP, no granularity for configuring different sets of source IPs to different destination IPs, no IKEv2). I respectfully disagree with @PhilipDAth on the SSL inspection. Our DLP policy enforced by zScaler allows us to grant users access to read documents shared from sources like Dropbox, Google Drive, Office 365, without allowing them to upload documents/files to those destinations. That requires SSL inspection and a much more sophisticated policy set than is offered with Meraki. Not to mention, the tunnel config options I mentioned above are all just standard boiler plate Site to Site VPN tunnel options, which would let a solution like zScaler work just fine.
... View more