Like other vendor firewalls, you configure the Cisco Meraki firewall to perform a Site-to-Site VPN connection to the Web Security Service. However, Meraki firewalls always forces NAT-T even when the device connects directly from a public IP address. Furthermore, Meraki firewalls do not support certificates. Therefore, the procedure to route web traffic to the Web Security Service differs from other vendors.
Note: Symantec has seen outages occur if the Phase 2 Timeout value is set to longer than four (4) hours. If the current setting is less than four hours, you can leave that
value. Otherwise, adjust the time. The screenshots in the following procedure might not reflect this advisory.
After you create a Location in the Web Security Service portal (Next Selection below) and the Meraki device begins to communicate with the cloud service, you can return to the interface monitor the status of the VPN connection.