Site-to-site VPN on Meraki with AWS VPC

Tags: amazon-vpc, meraki, site-to-site-vpn

We have multiple locations with Meraki firewalls that are using the Meraki site-to-site VPN connection in a hub configuration.

We would like to add our VPC to our site-to-site VPN so that if any location goes down, other branches will still have a connection. I'm not sure what the best way to do this is. It appears that we'd need a literal VPN connection to each and every location, which I assume would be $0.05/hr/connection… That would be extremely cost prohibitive.

I was able to get the location I'm at to connect to the VPC with no issues, however, other branches were not able to ping our EC2 server nor were they (obviously) connecting to the VPN directly.

What are your thoughts? What would be the best method for bringing our VPC to all of our branches?

Best Answer

Short of using Meraki support, I'd recommend adding static routes to the remote site Meraki firewalls using the main Meraki firewall's IP as the next hop.

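Added example, not code from the question or the answer: a small Python helper that plans the static route the answer proposes (the VPC CIDR with the hub MX's LAN IP as next hop) for each spoke network, validates it, and can push it through the Meraki Dashboard API. The network IDs, VPC CIDR and hub IP are constructed placeholders; the endpoint is the v1 `createNetworkApplianceStaticRoute` call.

```python
"""Plan and optionally push Meraki MX static routes that send AWS VPC
traffic to the hub MX.

Assumptions (constructed for this example): spoke network IDs, the VPC CIDR
and the hub LAN IP are placeholders. The API call is Meraki Dashboard API v1
POST /networks/{networkId}/appliance/staticRoutes with name, subnet, gatewayIp.
"""
import ipaddress
import json
import urllib.request

MERAKI_BASE_URL = "https://api.meraki.com/api/v1"


def build_static_route(vpc_cidr: str, hub_lan_ip: str, name: str = "AWS VPC via hub") -> dict:
    """Validate inputs and return the JSON body for one static route."""
    subnet = ipaddress.ip_network(vpc_cidr, strict=True)  # rejects host bits / junk input
    gateway = ipaddress.ip_address(hub_lan_ip)
    if gateway in subnet:
        raise ValueError("next hop must not sit inside the destination prefix")
    return {"name": name, "subnet": str(subnet), "gatewayIp": str(gateway)}


def plan_routes(spoke_network_ids, vpc_cidr, hub_lan_ip):
    """Same route for every spoke network, returned for review before pushing."""
    body = build_static_route(vpc_cidr, hub_lan_ip)
    return [(net_id, body) for net_id in spoke_network_ids]


def push_route(api_key: str, network_id: str, body: dict) -> dict:
    """POST the route to one network; needs network access and a real API key."""
    req = urllib.request.Request(
        f"{MERAKI_BASE_URL}/networks/{network_id}/appliance/staticRoutes",
        data=json.dumps(body).encode(),
        headers={"X-Cisco-Meraki-API-Key": api_key, "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed placeholders: replace with your spoke network IDs, VPC CIDR and hub LAN IP.
    for net_id, body in plan_routes(["L_SPOKE_1", "L_SPOKE_2"], "10.50.0.0/16", "192.168.1.1"):
        print(net_id, json.dumps(body))
        # push_route("YOUR_API_KEY", net_id, body)  # uncomment to apply for real
```

Run it once without `push_route` to review the planned routes; each spoke's next hop must be an address the spoke can reach (here, the hub MX's LAN IP over the Auto VPN).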