Meraki

Community

Documentation Feedback: Client VPN Overview

MerakiCommunity
Community Manager
Community Manager
‎Sep 8 2021 1:56 PM
‎Sep 8 2021 1:56 PM

Documentation Feedback: Client VPN Overview

This is the community thread for feedback and questions on the documentation article Client VPN Overview

0 Kudos
11 Replies 11
MerakiSA
Conversationalist
‎Jul 21 2022 8:54 AM
‎Jul 21 2022 8:54 AM

Can you add a link for VPN Settings for Windows 11?
In response to MerakiSA
Tray
Meraki Employee
Meraki Employee
‎Jul 28 2022 8:05 AM
‎Jul 28 2022 8:05 AM

Hey, I am happy to help you with this. Configuring the Client VPN for Windows 11 is the same as Windows 10.
Shahnaz
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jul 29 2022 3:02 PM
‎Jul 29 2022 3:02 PM

Can you please expand on what subnet to use for "subnet for client VPN"?
0 Kudos
In response to Shahnaz
TG1
New here
‎Aug 25 2022 11:30 AM
‎Aug 25 2022 11:30 AM

You enter whatever subnet you wish you use and that will be the scope of the DHCP assignment to the VPN clients.
0 Kudos
Apashkou
Meraki Employee
Meraki Employee
‎Aug 12 2022 5:06 AM
‎Aug 12 2022 5:06 AM

Team, for this section:

'Group Policy applied to a client VPN user is associated with the username and not the device. Different devices that connect to client VPN with the same username will receive the same group policy."

Can we add the part that explains that this is only true if we are tracking by mac. When tracking by mac, the "MAC" seen in the client page is a hash of the username and that is what allows the GP to be applied to a specific username.
 
When tracking by IP, that ability is lost - and unfortunately, it looks like there is no way to make a fixed association between username and IP.
0 Kudos
In response to Apashkou
iConnect
Here to help
‎Nov 3 2022 7:25 AM
‎Nov 3 2022 7:25 AM

When you assign a policy group to a client VPN, it looks like it is associated to a username but is not because if you connect from anohter computer using the same credentials, this new connection skip the policies applyed previuosly.

Looks like there is no way to apply group policies to usernames, only computers/phones/tables.
@iconnect.cl
0 Kudos
Kovacsteps
New here
‎Aug 22 2022 9:33 AM
‎Aug 22 2022 9:33 AM

Is 2FA available with the MX400 or is a 3rd party required. Like is there a configuration spot where we can set up Google auth or whatever?

0 Kudos
Max_DrSalomon
Just browsing
‎Jan 13 2023 12:25 AM
‎Jan 13 2023 12:25 AM

Is possible to use the same IP Addressing of one internal LAN interface? This avoid problem about Enterprise internal routing and permit to use the same policy already installed.
0 Kudos
In response to Max_DrSalomon
Fernando_R
Comes here often
‎Jan 25 2023 7:01 AM
‎Jan 25 2023 7:01 AM


It is not possible to do this. When trying, meraki will throw an error. For VPN clients, you must assign a different segment than the one already configured for the LAN.
Lic. Fernando Rossato
0 Kudos
Fernando_R
Comes here often
‎Jan 24 2023 9:33 AM
‎Jan 24 2023 9:33 AM

What is the point of using AD for VPN clients, otherwise it does not allow me to use the security policies applied to each group? This is a security bug, that any VPN user can access the content of the entire network. There is no way to apply restrictions for VPN clients? What does @Meraki say about all this?
Lic. Fernando Rossato
0 Kudos
ecoen
Meraki Employee
Meraki Employee
‎Mar 1 2023 7:13 PM
‎Mar 1 2023 7:13 PM

Can Client VPN be used on a one arm VPN concentrator (MX)? If so, what is the trick to allow the client to connect?
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.