Hi Deepak (or can I use Deep for short? Feel free to call me Dan 🙂 ),

Yes, I encountered this problem with a previous company I worked for. Meraki are still working on doing standard routing protocols through their dashboard. It's best to consider and think of MXs in their current form as a NAT gateway; it helps in how you choose to deploy them. Viptela was acquired to provide SD WAN and provide these more advanced enterprise-grade features.

The solution we had to implement was putting in two (for HA) Cisco ISRs to manage the L3 routing protocols, and the Meraki just saw the ISRs as its internet link, so when data came from the SD WAN Meraki spokes, intending to reach a private subnet on another router through a site-to-site VPN connection, it was sent out the Meraki's WAN connection. When packets reached the ISRs, they then routed the traffic over that traditional IPSec site-to-site VPN. Traffic was routed back to the SD WAN in a similar but different fashion.

Now, if you don't want to use Cisco ISRs, you don't have to. You just need some other type of router in front to establish the site-to-site VPN and to manage the BGP (or whatever WAN L3 routing protocol you choose) routing advertisements and redistribution back to the SD WAN hub (MX device). Also, you will want to ensure whatever device you end up choosing to do this is capable of managing the amount of traffic you expect to traverse the device now and in 3 - 5 years' time.

A good article which explains it really well is this one - https://www.willette.works/merging-meraki-vpns/

So, depending on your preference and what you are comfortable with, you could achieve it in a few ways, but you cannot do it exclusively with the one Meraki MX, unfortunately. There will maybe be a time in the future when Meraki enable this. I cannot help with advising if and when this will happen. I wanted it over 6 months ago! Haha!

Thanks,
Daniel.