Meraki

Community

About netguy11

Re: vMX in AWS site-to-site VPN and Anyconnect

by in Cloud Security & SD-WAN (vMX)
‎Feb 21 2022 11:35 PM
‎Feb 21 2022 11:35 PM
Hi Philip,   Thanks for the replay. In my case VPC subnet is 10.x.0.0/16. I have vMX in 10.x.0.0/24 and vpn pool is 10.x.1.0/24. So in theory both /24s are part of the /16 VPC subnet. Should that work?   Yes, I have the VPN pool in 3rd party enc domain. I got spare Z3C yesterday. I will test with AutoVPN and check if there is a difference.   EDIT: Just tested with AutoVPN and communication from Anyconnect to branch works fine with split tunnel mode. For now only full tunnel is the issue. ... View more

vMX in AWS site-to-site VPN and Anyconnect

by in Cloud Security & SD-WAN (vMX)
‎Feb 21 2022 2:46 AM
‎Feb 21 2022 2:46 AM
Hello,   I'm trying to set up a following. I have test vMX-S deployed in AWS. I can see it on the dashboard in my test organization.  All looks good from this point. SW ver is  16.15.  I have two issues: 1) I can connect with remote VPN client (Anyconnect), but then in full tunneling mode traffic is not going out to the Internet. Is this expected behavior from vMX? 2) I'm also trying to establish 3rd party site to site VPN with a MX in another organization (this is for PoC, that's why I'm keeping it separately and not using AutoVPN), but tunnel is not coming up. Traffic flow is: remote VPN connected to vMX - 3rd party VPN - MX - LAN. Trying to ping from AnyConnect to branch LAN to activate the tunnel, but I'm not sure if those packets are actually going to the other end.  On vMX I can see some 500 & 4500 packets in the capture. Does anyone successfully deployed such scenario? Any hints would be more than welcome 🙂   ... View more
Labels:
© 2024 Cisco Systems, Inc.