GX50 / S2S Error

jonathanbrct
Comes here often

GX50 / S2S Error

Hello Team,

 

I currently have 2x GX50 located on two different sites to make a S2S link to access specific resources.

However, despite configuring the local networks and setting up the S2S configuration, the link does not go up.

Do you have any idea why? Is there a "hidden" option available to get detailed logs?

Would someone who has already succeeded in setting up a S2S with 2x GX50 please come forward?

Is it mandatory to buy a license for this one?

 

Thanks in advance,

 

Regards,

7 Replies 7
jonathanbrct
Comes here often

Hello,

 

Update, nobody have alreday setup an S2S VPN with 2x GX50 ?

 

Regards,

speakerfritz
A model citizen

I was going to google what s2s means…but then it hit me…site to site.

 

no…haven’t set one up yet.

 

 

jonathanbrct
Comes here often

Hi speakerfritz,

 

Yes, that's right S2S stands for Site To Site! Currently available between GX50!

 

Regards,

speakerfritz
A model citizen

Is there any chance your ISP is blocking needed ports.

 

I have 2 ISP’s.  One blocks everything 

jonathanbrct
Comes here often

Knowing that one is behind a firewall, the problem is that I don't see any incoming traffic, and I can't find any specific documentation indicating the ports used by Meraki Go to establish the S2S.

speakerfritz
A model citizen

Most common site to site vpn ports are 500 and 4500, which is the same for enterprise Meraki ….I can’t imagine why Meraki go would not use the same.

 

me would use a port checker and test for 500 and 4500.  

 

 

jonathanbrct
Comes here often

Hi Speakerfritz,

 

I found some information about setting up the Auto-VPN proposed by Meraki with additional ports, I will do various tests (https://documentation.meraki.com/MX/Site-to-site_VPN/Meraki_Auto_VPN_-_Configuration_and_Troubleshoo....)

 

Ports used to contact the VPN registry:

  • Source UDP port range 32768-61000
  • Destination UDP port 9350 or UDP port 9351

 

Ports used for IPsec tunneling:

  • Source UDP port range 32768-61000
  • Destination UDP port range 32768-61000

 

Or (https://documentation.meraki.com/MX/Other_Topics/Using_VPN_through_an_MX_Security_Appliance)

 

Regards,

Get notified when there are additional replies to this discussion.