Access Failed over SD-WAN

Maiquel

In our new Meraki deployments, some branches are having problems.
From the branch I can't ping or access the intranet (HTTP), and Terminal Server does not work; nothing works. But from the HQ to the branch I can access normally. If I reboot the Meraki, the branch can ping the HQ, run Terminal Server to the AD server, and access the internet over HTTP. If I turn the Meraki off and power it on, the problem occurs and nothing works from the branch. Has anyone had this problem?

MX-65 -> Firmware Current 14.20 

PhilipDAth

To be clear; rebooting the MX works - power cycling the MX breaks things?

How is the branch connecting to the HQ? AutoVPN over the Internet? AutoVPN over MPLS? Routed over MPLS?

Yes, rebooting the MX works, power cycling breaks. The branch uses AutoVPN over MPLS (wan2).

PhilipDAth

Is this an MPLS WAN circuit or an MPLS Internet circuit?

Hi Philip, thanks for your help.

MPLS WAN circuit. 

PhilipDAth

This is very unusual. Is there anything doing NAT between the MXs (you're not likely to have this)?

When it is broken, does the MX appear to be online in the Dashboard? Does the VPN status for the MX appear to be up (green circle)?

Is there a single Hub in your AutoVPN (aka only a single VPN path to the destination)?

Hi Philip,
The MPLS router has the Cisco WAAS module with WCCP redirect. When I use FTP, for example, which the Cisco WAAS does not accelerate, FTP works and I can get the file, but when I try to use tcp/80 to the same server it does not work. But tcp/80 to that server is being accelerated. When I remove the WCCP redirect, it all works very well.

PhilipDAth

It sounds like you have a WAAS mis-configuration then (since using tcp/80 through it does not work). The Meraki kit shouldn't really be bothered by this, as it is mostly using ports that WAAS is not interested in (except for perhaps tcp/443 if enabled).

If you disabled WAAS do you still have the same failover issue?
