Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

About No-Nothin-1859

Re: vMX in AWS, Routing remote branch subnets with DirectConnect to OnPremi...

by in Security & SD-WAN
‎Jan 16 2024 5:36 AM
2 Kudos
‎Jan 16 2024 5:36 AM
2 Kudos
I finally found the solution.  In the transit gateway route tables there were 3 route tables.  I was adding the static route on the wrong one. thank you all for your help ... View more

Re: vMX in AWS, Routing remote branch subnets with DirectConnect to OnPremi...

by in Security & SD-WAN
‎Jan 15 2024 11:15 PM
‎Jan 15 2024 11:15 PM
Yes it is one of them, or maybe a misconfiguration in AWS. We agree that the vMX has only one interface in a "public subnet" with a private IP RFC1918 and public IP.   When i reach back the VPC of the vMX i have a static route towards spokes that point to the EC2 vMX ENI.  On the transit gateway route table, i create also a static route towards spokes that point to the VPC of the vMX.   On the VPC of the resource i have a default route to send all traffic to transit gateway.    ... View more

Re: vMX in AWS, Routing remote branch subnets with DirectConnect to OnPremi...

by in Security & SD-WAN
‎Jan 15 2024 2:45 AM
‎Jan 15 2024 2:45 AM
Yes on the transit gateway, i added a static route for : destination : remote branch subnet next hop : vMX VPC   But i think when i reach the VPC, it doesn't know where to go for that route.  ... View more

Re: vMX in AWS, Routing remote branch subnets with DirectConnect to OnPremi...

by in Security & SD-WAN
‎Jan 15 2024 2:36 AM
‎Jan 15 2024 2:36 AM
Hello, Thank you for your answer. Which routing tables are you talking about ?   Firewall rules are OK. They are not blocking ICMP. ... View more

vMX in AWS, Routing remote branch subnets with DirectConnect to OnPremise

by in Security & SD-WAN
‎Jan 15 2024 2:24 AM
‎Jan 15 2024 2:24 AM
Hello Everybody,   I am working on a project where i need to set up a vMX in AWS that is deployed in his own VPC. The vMX is in Concentrator mode with a One Arm mode. The Network Interface has an IP in a private subnet that give him also a public IP.   This VPC is attached to a Transit Gateway that act as a hub for all VPC and permit inter-VPC traffic. There is also a Palo ALTO in AWS that filter traffic between VPC. Also a Direct Connect is here to connect to OnPremise network and the Direct COnnect is attached to the Transit Gateway.   I have my remote branch with a SDWAN tunnel to vMX. I can ping resources in the same VPC of the vMX. So Everything is Good. I can also see my pings reaching OnPremises ressources and going back to AWS. Even When i try to ping another resource in another VPC i can see the ICMP reaching my resource but the reply never reach vMX.   The problem is i never reach vMX from AWS and when the destination is in a remote branch subnet.   Anybody gone through a similar use case ? Thank you  ... View more
Labels:
My Accepted Solutions
View all
© 2024 Cisco Systems, Inc.