cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8012
Views
0
Helpful
1
Replies

Meraki MX Behind NAT

almccanuel
Level 1
Level 1

Hi All,

 

Currently, i have a MX device facing the Internet. L2TP client vpn is very useful on our current setup. However i want to add an vEdge in front of my MX. So basically the Public IP is now on my vEdge. Im wondering if the Client VPN would still work on this setup if the MX is behind NAT Device. if this is possible what configuration do i need to setup on MX and my vEdge.

 

TIA.

1 Reply 1

sasig
Cisco Employee
Cisco Employee

yes you can

MX-Z Security Appliance

Please see the following link to configure the MX-Z for Client VPN. If the MX-Z sits behind another NAT device or firewall, please make sure that the following UDP ports are forwarded/allowed to the MX-Z:

  • UDP 500 (IKE) 
  • UDP 4500 (IPSec NAT-T)

Note: Since the MX is the device communicating from UDP 500/4500, those ports need to be forwarded on any devices upstream of the MX, not on the MX itself.

 

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: