Hi - have 4 downstream autovpn MX units all spoke with 0.0.0.0 to Azure vMX. Anyconnect clients at Azure. Need to add 3 non meraki VPNs. 2 of them need the same exit for MX connected and anyconnect connected clients. Can the non-meraki VPN be tagged "Azure only" so that only the vMX establishes a VPN connection? And if so, will the downstream MX clients be able to access that VPN? Or - is it better to Azure S2S and then peer with the MX? For the remaining non-meraki - its only needed on a single MX. Would the spoke / 0.0.0.0 to azure interfere with this?
... View more
