Closed yujiterada closed 4 years ago
@yujiterada this is a misconfiguration and not supported per documentation. How do you know which of the two peers to accept as the final output? If additional networks are added and the order of networks is changed from the Meraki API, how does that affect which of the two is considered to be the acceptable configuration? I think there are trade offs for what is considered acceptable when handling a blatant misconfiguration.
@JackStromberg You're definitely right. I was testing a scenario which isn't supported. Thanks!
Configuring the same tag on multiple networks creates the same Non Meraki VPN tunnel with the same VPN gateway IP addresses for each network, and this creates an issue on MX for Non Meraki VPN. The same tag should only create 2 Non Meraki VPN configuration for Instance 1 and Instance 2.
Expected Behavior
Only create 2 Non Meraki VPN entries per tag.
Steps to Reproduce
Detailed Description
4 Non Meraki VPN entries are created when putting the tag "vwan-hub-west-1" on "Office - Sydney" and "Home - Tokyo" networks.
The MX in "Home - Tokyo" has 2 Non Meraki VPN tunnels with the same destination IP address.
Possible Solution
Check if Non Meraki VPN entry already exists for that tag and validate the configuration. If validation is successful, do not create the same Non Meraki VPN.