Guides
ProductDeveloper
Guides

Configure Tunnels with Meraki MX – Option 2

Cisco Meraki MX is an SD-WAN security appliance that supports distributed deployments of networks that require remote administration. You can integrate Cisco Meraki MX with the Umbrella Secure Internet Gateway (SIG) services through the Cisco Meraki SD-WAN Connector. The Meraki SD-WAN Connector enables you to establish IPsec (Internet Protocol Security) IKEv2 (Internet Key Exchange, version 2) tunnels and connect to an Umbrella data center and the Umbrella Secure Web Gateway (SWG). This guide describes how configure and deploy the Meraki Umbrella SD-WAN Connector.

For information about automating cloud connectivity, see Cisco SD-WAN Cloud OnRamp.

👍

Option 2 is an integration that utilizes the Meraki Umbrella SD-WAN Connector. All of the initial configuration takes place in the Meraki dashboard. The full configuration process is documented in the Meraki Umbrella SDWAN Connector Deployment Guide.

Table of Contents

Prerequisites

  • Cisco Umbrella SIG Essentials or SIG Add-On subscription, or a free Umbrella SIG trial.
  • Full admin access to Umbrella to create a legacy Umbrella Management API key and secret. For more information, see Add Umbrella Legacy API Keys.

Overview

To configure an IPsec tunnel in the Meraki dashboard, follow the steps in Meraki Umbrella SDWAN Connector Deployment Guide.

  1. Connect to Cisco Umbrella.
  2. Choose DC pairs.
  3. Establish auto VPN tunnel to Umbrella.
1488

Caveats

  • Before you can remove the network tunnel identity from the Umbrella dashboard, you must first delete the Meraki MX and Umbrella integration in the Meraki dashboard from Cisco SD-WAN Cloud OnRamp. For more information, see Meraki Umbrella SDWAN Connector Deployment Guide.
  • Do not remove the UMB-SIG node from its Meraki network on the Security & SD-WAN > Appliance Status page. You must delete the integration in the Meraki dashboard from Cisco SD-WAN Cloud OnRamp.
  • DNS policy is not supported over the Meraki Umbrella SDWAN connector. For more information about enabling a DNS policy, see Meraki Umbrella SD-WAN Connector, DNS Policies.
  • Client Reachable Prefixes are not supported in deployments with Cisco SD-WAN Cloud OnRamp.

Configure Tunnels with Meraki MX – Option 1 < Configure Tunnels with Meraki MX – Option 2 > Configure Tunnels with Cisco Adaptive Security Appliance (ASA)