We are configuring a VWAN hub with multiple site to site connections. Branch to branch connectivity is not desire with the exception of 1 location(hub2). While natively in Meraki we could have the hub2 location configured as a hub and peer all of the spokes to it, we would like for the VWAN to be the only hub. Meraki 3rd party VPN is an organizational wide setting so currently all spokes are connected and the remote subnets are configured for all Azure subnets. I cannot add the subnet of hub 2 as hub 2 would then send all of its traffic to the VWAN. I am thinking if I put a DNAT on the VWAN and advertised it in the Meraki remote subnets for the 3rd party VPN that connectivity could be achieved with minimal effort . (i would have to add static routes on the hub2 network for the branch locations to the private gw address of the VWAN as the next hop) Has anyone attempted this configuration and if so what implications or issues did you see?