I think my experience is unique, but wanted to put it out there anyway. I’ve actually had quite a few problems with Meraki equipment during the one instance I worked with them. After a few hours to days, the switches would stop functioning. You could still access them through the webgui and issue a reboot to resolve the issue, but the problem persisted even after many resets and calls with Cisco.
Again, likely some bonk hardware, but in case anyone else has had a similar experience I wanted this to be known. Thank you, -- Ryland ________________________________ From: NANOG <nanog-bounces+rkremeier=barryelectric....@nanog.org> on behalf of Brandon Svec via NANOG <nanog@nanog.org> Sent: Thursday, February 10, 2022 3:50:49 PM To: William Herrin <b...@herrin.us> Cc: nanog@nanog.org <nanog@nanog.org> Subject: Re: VPN recommendations? Meraki may be considered expensive, requires perpetual license to operate and is difficult to get currently (very long lead times) but is dead.stupid.simple to install and maintain. I have yet to find a business or home network that it does not work on out of the box, but if you find one it would be an issue to overcome for any solution, right? i.e. open some ports on the up stream device one time. https://documentation.meraki.com/MX/Site-to-site_VPN/Meraki_Auto_VPN_-_Configuration_and_Troubleshooting Brandon Svec On Thu, Feb 10, 2022 at 10:05 AM William Herrin <b...@herrin.us<mailto:b...@herrin.us>> wrote: Hi folks, Do you have any recommendations for VPN appliances? Specifically: I need to build a site to site VPNs at speeds between 100mpbs and 1 gbit where all but one of the sites are behind an IPv4 NAT gateway with dynamic public IP addresses. Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my customer insists on a network appliance. Site to site VPNs using IPSec and static IP addresses on the plaintext side are a dime a dozen but traversing NAT and dynamic IP addresses (and automatically re-establishing when the service goes out and comes back up with different addresses) is a hard requirement. Thanks in advance, Bill Herrin -- William Herrin b...@herrin.us<mailto:b...@herrin.us> <https://bill.herrin.us/> https://bill.herrin.us/
