3rd Party VPN Peers
Location in Dashboard: Security and SD-WAN >> Configure >> Site-to-site VPN >> Organization-wide settings
Diagram
Classes
appliance (meraki.domains.organizations)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| third_party_vpn_peers | List | [third_party_vpn_peers] | No |
third_party_vpn_peers (meraki.domains.organizations.appliance)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | min: 1, max: 127 | Yes | |
| public_ip | IP | No | ||
| public_hostname | String | min: 1, max: 127 | No | |
| private_subnets | List | String[Regex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$] | Yes | |
| local_id | String | min: 1, max: 127 | No | |
| remote_id | String | min: 1, max: 127 | No | |
| ipsec_policies | Class | [ipsec_policies] | No | |
| ipsec_policies_preset | Choice | default, aws, azure, umbrella, zscaler | No | |
| secret | String | min: 1, max: 127 | Yes | |
| ike_version | Choice | 1, 2 | No | |
| network_tags | List | String[min: 1, max: 255] | No |
ipsec_policies (meraki.domains.organizations.appliance.third_party_vpn_peers)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ike_cipher_algo | List | Choice[aes128, aes192, aes256, des, tripledes] | No | |
| ike_auth_algo | List | Choice[md5, sha1, sha256] | No | |
| ike_prf_algo | List | Choice[default, prfmd5, prfsha1, prfsha256] | No | |
| ike_diffie_hellman_group | List | Choice[group14, group5, group2, group1] | No | |
| ike_lifetime | Integer | min: 1, max: 604800 | No | |
| child_cipher_algo | List | Choice[aes128, aes192, aes256, des, null, tripledes] | No | |
| child_auth_algo | List | Choice[md5, sha1, sha256] | No | |
| child_pfs_group | List | Choice[disabled, group14, group5, group2, group1] | No | |
| child_lifetime | Integer | min: 1, max: 86400 | No |
Config Sample
meraki:
domains:
- name: EMEA
administrator:
name: Foo Bar
organizations:
- name: Dev
appliance:
vpn_third_party_vpn_peers:
- name: AWS VPN 01
public_ip: 1.1.1.1
public_hostname: vpn.example.com
private_subnets:
- "192.168.1.0/24"
- "192.168.2.0/24"
local_id: "192.168.128.10"
remote_id: "158.0.0.1"
ipsec_policies:
ike_cipher_algo:
- aes128
ike_auth_algo:
- sha256
ike_prf_algo:
- prfsha256
ike_diffie_hellman_group:
- group14
ike_lifetime: 3600
child_cipher_algo:
- aes128
child_auth_algo:
- sha256
child_pfs_group:
- group14
child_lifetime: 3600
ipsec_policies_preset: aws
secret: "supersecretkey"
ike_version: "2"
network_tags:
- "Production"
- "VPN"
- name: AWS VPN 02
public_ip: 2.2.2.2
public_hostname: vpn.example.com
private_subnets:
- "192.168.1.0/24"
- "192.168.2.0/24"
local_id: "192.168.128.100"
remote_id: "158.0.0.2"
ipsec_policies:
ike_cipher_algo:
- aes128
ike_auth_algo:
- sha256
ike_prf_algo:
- prfsha256
ike_diffie_hellman_group:
- group14
ike_lifetime: 3600
child_cipher_algo:
- aes128
child_auth_algo:
- sha256
child_pfs_group:
- group14
child_lifetime: 3600
ipsec_policies_preset: aws
secret: "supersecretkey"
ike_version: "2"
network_tags:
- "Production"
- "VPN"