Site-to-site VPN Settings – Meraki Documentation
VPN subnet translation
This feature is not enabled by default, please contact Meraki support to enable it.In large distributed networks, multiple networks may have identical subnet scopes i.e. overlapping subnets. Site-to-site VPN communication requires each site to have distinct and non-overlapping local subnets. In the event that multiple locations have the same local subnet, enable VPN subnet translation to translate the local subnet to a new subnet with the same number of addresses.
- Branch 1 local subnet: 192.168.31.0/24
- Branch 2 local subnet: 192.168.31.0/24 identical!
- Branch 1 translated subnet: 10.0.1.0/24
- Branch 2 translated subnet: 10.0.2.0/24
In the example above, even though both networks have identical local subnets, they are communicate over the VPN using their translated VPN subnet. Branch 1 is accessible as 10.0.1.0/24 and Branch 2 is accessible as 10.0.2.0/24 over the VPN tunnel.