Skip to content
Network as Code

VPN BGP Configuration

Dashboard Location: Security and SD-WAN > Configure > Site-to-site VPN

BGP Routing Protocol Management

Section titled “BGP Routing Protocol Management”

VPN BGP configuration in Meraki appliances enables dynamic routing protocol support for site-to-site VPN connections through Border Gateway Protocol (BGP). This functionality allows extenral automatic route advertisement and learning from VPN enabled networks, supporting complex network topologies with redundant paths and dynamic failover capabilities. BGP integration is essential for organizations requiring scalable routing, multi-homed connections, and advanced traffic engineering across their VPN infrastructure while maintaining automated route convergence and network resilience.

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

appliance (meraki.domains.organizations.networks)

Section titled “appliance (meraki.domains.organizations.networks)”
NameTypeConstraintMandatoryDefault Value
vpn_bgpClass[vpn_bgp]No

vpn_bgp (meraki.domains.organizations.networks.appliance)

Section titled “vpn_bgp (meraki.domains.organizations.networks.appliance)”
NameTypeConstraintMandatoryDefault Value
enabledBooleantrue, falseYes
as_numberIntegermin: 1, max: 4294967295No
ibgp_hold_timerIntegermin: 12, max: 240No
neighborsList[neighbors]No

neighbors (meraki.domains.organizations.networks.appliance.vpn_bgp)

Section titled “neighbors (meraki.domains.organizations.networks.appliance.vpn_bgp)”
NameTypeConstraintMandatoryDefault Value
ipIPNo
ipv6IPNo
remote_as_numberIntegermin: 1, max: 4294967295Yes
receive_limitIntegermin: 0, max: 2147483647No
allow_transitBooleantrue, falseNo
ebgp_hold_timerIntegermin: 12, max: 240Yes
ebgp_multihopIntegermin: 1, max: 255Yes
source_interfaceStringmin: 1, max: 10No
next_hop_ipIPNo
ttl_securityBooleantrue, falseNo
passwordStringmin: 5, max: 64No

Examples

Section titled “Examples”

Example-1: The example below demonstrates VPN BGP configuration using tested YAML configuration from pipeline fixtures.

This configuration enables BGP on the Meraki appliance with local AS number 65001 and establishes a VPN BGP session to a remote neighbor at 192.168.99.99 (AS 65002) via WAN1, using a next-hop of 192.168.10.1, with eBGP multihop set to 2 and a hold timer of 60 seconds, allowing dynamic route exchange and resilient connectivity over the VPN.

meraki:
  domains:
    - name: !env domain
      administrator:
        name: !env org_admin
      organizations:
        - name: !env org
          networks:
            - name: !env network_name
              product_types:
                - appliance
                - switch
                - wireless
                - camera
                - sensor
                - cellularGateway
              appliance:
                vpn_bgp:
                  enabled: true
                  as_number: 65001
                  neighbors:
                    - remote_as_number: 65002
                      ip: 192.168.99.99
                      ebgp_hold_timer: 60
                      ebgp_multihop: 2
                      next_hop_ip: 192.168.10.1
                      source_interface: wan1