Meraki

Community

GX50 VPN errors & settings

GC1
Here to help
‎Sep 26 2023 2:39 PM
‎Sep 26 2023 2:39 PM

GX50 VPN errors & settings

I've never been able to connect to the VPN - I consistently get a "The L2TP-VPN server did not respond..." error. I've tried using my desktop computer as well as my iPhone. 

I've tried both the WAN IP as well as the generated hostname, they all produce the same error.

I have the DNS set to Google, but not entirely sure if that's what I should be using. Any help would be appreciated.

0 Kudos
7 Replies 7
Swing42
Comes here often
‎Oct 21 2023 1:17 PM
‎Oct 21 2023 1:17 PM

I can't even get that far- the "VPN access" slide button (on Admin details), doesn't work in either iphone app or web app.  Support said they are working on this- were you able to turn it on?

0 Kudos
In response to Swing42
GC1
Here to help
‎Oct 21 2023 1:53 PM
‎Oct 21 2023 1:53 PM

I had the same problem initially - which their tech support said they could not reproduce - but then they finally updated the iOS app and I am now able access the slide VPN access button. Make sure that your phone app is up to date - in my emails with tech support, it seems that the app has control over the firmware updating on the GX50. With that said, I have never been able to successfully connect the VPN - I still have the same issue I initially reported.

0 Kudos
Xydocq
A model citizen
‎Oct 22 2023 5:39 AM
‎Oct 22 2023 5:39 AM

hi @GC1 

 

I am not using a GX50 but I am using L2TP/IPsec VPN to connect to my network.

 

First of all, it would be nice to know, how your setup looks like. Is your GX50 directly connected to the internet thru a modem or is it placed behind a router? If it sits behind a router did you forward ports 500/UDP, 1701/UDP and 4500/UDP to the GX50? If it is directly connected, no forwarding needs to be set.

 

Second: does the hostname (company-name-whatever.dynamic-m.com) truly lead to the Public IP? You can do a nslookup on command promt on any windows-pc to find out.

 

Third: are you able to ping the hostname  or Public IP from the internet?

 

Finaly: how did you setup your VPN-clients? Sometimes it's not the server not responding, it's the client not accessing the server correctly. On a windows-machine you need to edit the Registry to be able to connect. Not sure how it works for iOS or MacOS-devices. Android phones will not be able to connect, well at least the newer ones won't, since google decided to stop support for L2TP/IPsec a while back. If you have an Android phone above version 11, I think, this applies.

 

It might be helpful to have a bit more information to offer better help.

 

Cheers

0 Kudos
In response to Xydocq
GC1
Here to help
‎Oct 23 2023 4:11 PM
‎Oct 23 2023 4:11 PM

Hi Xydocq,

 

Thanks for providing some information for me check out - #1 I'm directly connected, #2, yes it does (used the Command prompt on Windows). #3 - pinging either one times out... For the last question, I have tried both my Windows PC (haven't touched the registry) and my iPhone, neither works. But perhaps it has something to do with the #3... Let me know if you have any other thoughts.

 

Thanks!

0 Kudos
In response to GC1
Xydocq
A model citizen
‎Oct 23 2023 10:13 PM
‎Oct 23 2023 10:13 PM

I run a s2s-VPN. I was not able to set it up as a true s2s, so one router acts as server and the other one as client. Once in a while the connection gets lost. This happens sometimes after I reboot the server router. The WAN IP of the server site doesn't get changed but the client router can't access the server router. On the server site I don't see any incoming request for a connection. I was not able to figure out why this happens.

 

Turning the modem off and on, at the client site fixes the problem for me.

 

In case you didn't do that before, reboot the modem and the GX50. I tend to shut my devices down and wait a couple of minutes before turning them back on. Sometimes that's what fixes my connection issues.

0 Kudos
Swing42
Comes here often
‎Oct 22 2023 5:55 AM
‎Oct 22 2023 5:55 AM

Thanks @Xydocq for the thoughtful reply. 

 

In my case, the GX50 is behind the ISP-provided router, which is set up in "bridge mode" (essentially a DMZ, with all router services disabled, including any firewalls).   

 

The error I get on the client side is an authentication error, so it appears the client I'm testing with is reaching the GX50.  The problem I'm having is clearly on Meraki's end- we are unable to slide the switch called "VPN access" to the "on" position for any defined user. 

 

Support has said this is a known issue to be addressed in a future update (to both the Iphone app, and the web app, I guess).  And just for clarity, we've set up several MX64's, Z3's etc for clients, with both client and s2s vpns, so we are pretty comfortable with troubleshooting this stuff. 

 

What I don't understand is- if I'm using the latest Iphone app (downloaded a few days ago) and the web app (which others must be using), how is client vpn working for anyone?

0 Kudos
In response to Swing42
Xydocq
A model citizen
‎Oct 22 2023 11:39 PM
‎Oct 22 2023 11:39 PM

That's a question only Meraki Support can answer.

 

What I can say, the apps are different. The android app is v2.106.0 released Okt. 10th, on iOS it's v2.107.0 released on the same date, but the web-app is something else.

 

When I contact support, they tell me to install the latest version, always referring to the iOS version. Bummer, I am using Android. So in most cases, I have to wait for up to two weeks, to get the so called "latest" version.

0 Kudos
Get notified when there are additional replies to this discussion.
© 2024 Cisco Systems, Inc.