Spoke-Hub VPN Establishment Despite DNS Error and Application Inaccessible

Niraj
Here to help

Spoke-Hub VPN Establishment Despite DNS Error and Application Inaccessible

Hi Team,

Facing issue through Cisco Meraki MX security appliance, application is inaccessible despite Spoke-Hub establishment is absolutely fine.

 

Architecture of Site

 

1. Spoke-Hub, where Spoke accessing application from Hub.

 

2. MX appliance having 2 MPLS Link for Load balancing and Failover.

 

3. Through MPLS Link-I application is accessible and its working perfectly.

 

4. Through MPLS Link-II VPN establishment perfect, Link performance fine despite application is inaccessible.

 

2. Post disconnecting MPLS Link-I getting DNS Error and MX getting Offline instead Link is up and working fine.

 

Meraki Support approach since August 22 2019.

 

Helpdesk Support,

Except irrelevant mailer on arbitrary requirement, till date nil outcome resolution from your, which clearly reflects capabilities and support expertise.

 

Its third week despite you are simply replicating insignificant mailer, what impression it creating with customer?

 

Point should be noted as mentioned:

  • Architecture is self-explanatory that its Spoke and Hub connection.
  • Spokes are accessing application from Hubs i.e. DC Mumbai & Nxtra DC.
  • Source is definitely Bangalore LAN segment and destination should be DC Mumbai & Nxtra DC despite arbitrary requirement.
  • Through Internet Link-I definitely source and destination should be same through which application is accessible despite why such layman response?
  • Meraki solution is completely cloud based with full manageability despite where incapacities in taking packet capture from your end its lethargic and casual approach from your end.

Let me ensure you, posting all communication on Meraki platform and technical platform for your support approach and methodologies.  Throughout follow-up from past more than three weeks its clear that you are hanging issue on casual approach for simply service request closure else nothing and not concerned about customer business impact.

 

Through such support and methodologies from helpdesk support, Meraki is loosing its significance and customer faith which degraded the entire service and reliability. One of worst and horrible support.    

 

Sincerely,

 

Niraj Kumar Sinha

 

 

Regards,

 

Niraj

 

 

 

 

5 REPLIES 5
ww
Kind of a big deal
Kind of a big deal

maybe you can add some design drawings from your underlay and vpn overlay and explain where you application is hosted and how you route it into your vpn?

 

 

this issue is new or has been there always? 

your mpls 1 and 2 run to the same dc/application? problem is with one specific application or more apllications?  your hubs are in concentrator mode?

NolanHerring
Kind of a big deal

Sounds like your second MPLS connection doesn't have a route back to the SPOKE site from what I was able to extract from your post. Are you able to check routing from the DC side?
Nolan Herring | nolanwifi.com
TwitterLinkedIn
cmr
Kind of a big deal
Kind of a big deal

@Niraj do you see a public IP address for both WAN 1 and WAN 2 interfaces in the GUI, or is either an internal address?  Is it one hub and one spoke or do you have multiple of either?

PhilipDAth
Kind of a big deal
Kind of a big deal

@Niraj.

 

Considering only the case when it is not working;

  1. Can the client ping the application server via IP address?
  2. Can the client ping the application server via name?

 

If both of the above work, how does the application actually fail?  Does it by chance start and then seem to hang and then fail?  If so you might be having an MTU issue.

 

Otherwise does the application report some kind of error message?

Philip,

 

1. Yes, clients pinging application via IP address and name server.

 

Through Link-II Global and Google DNS is reachable but while connecting MX appliance its shown Error " DNS Error"

 

While connecting both Link I & II application is accessible, especially when Link-I get impacted or there is issue in accessing application.

 

Link-II performance and reachable is absolutely fine through router and Switch especially issue through MX appliance.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.