@MyPrepaidBalance wrote: I would use BGP over OSPF. Yes, you need to use two devices to allow AutoVPN devices to be alble to talk to none-Meraki site to site VPN remote sites. Replacing all remote site routers with MX units so you can use AutoVPN everywhere will make your life simple. I would do this as my first option. You wont need to use dynamic routing as well then. Configure the MPLS network to have a default route to the MX84. And static routes on the MX84 pointing back to the MPLS router for the two sites. You can't hairpin AutoVPN and non-Meraki IPSec VPN traffic. SotThe remote office(s) using IPSec (assuming it terminates on the HQ MX84) will be able to talk to the MPLS sites and vice versa, but wont be able to talk to the AutoVPN sites and vice versa.
... View more
