Client VPN

Solved
SardarAlam
Getting noticed

Client VPN

Hi all,

 

Static IP is required for Client VPN or it can work on normal connection. as i am facing issue applied all the techniques but VPN is not connecting. I have two Devices MX64 on which Client VPN working fine, and the other MX68 not working VPN. the only difference in both is MX64 IP is same as public IP, on MX 68 Public ip is different and MX ip is private IP 192.168.1.0/24. can someone help me.

Thank you.

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

It is possible that the ISP in your country blocks inbound connections to customers using a dynamic IP address.

 

I would do a packet capture on the MX for UDP/500, and then try and start a client VPN connection.  If you see some traffic then you know the traffic is allowed and it is your configuration.  Otherwise you know the ISP is blocking the traffic, and you'll have to go to a static IP address.

View solution in original post

5 Replies 5
ww
Kind of a big deal
Kind of a big deal

U can use the dns name

 

PhilipDAth
Kind of a big deal
Kind of a big deal

>MX 68 Public ip is different and MX ip is private IP 192.168.1.0/24

 

For that case, you'll need to configure the device that has the public IP to forward UDP/500 and UDP/4500 to the MX WAN interface.

 

Also note that if the user is on 192.168.1.0/24 at home that it may not work (seems to work sometimes and not others).

SardarAlam
Getting noticed

I already configure on port forwarding on that device UDP/500 and UDP/4500. but still not working. Can you confirm that should i need to purchase Static IP from ISP. As per ISP representative VPN is not allowed on normal connection this required Static IP. details is mentioned below.

SardarAlam_0-1661316071907.png

 

PhilipDAth
Kind of a big deal
Kind of a big deal

It is possible that the ISP in your country blocks inbound connections to customers using a dynamic IP address.

 

I would do a packet capture on the MX for UDP/500, and then try and start a client VPN connection.  If you see some traffic then you know the traffic is allowed and it is your configuration.  Otherwise you know the ISP is blocking the traffic, and you'll have to go to a static IP address.

SardarAlam
Getting noticed

I tried packet capturing but there is no info from client VPN side client VPN request  is not reaching to MX.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.