Meraki

Community

Auto VPN

Solved
Ubaidkhan
Here to help
‎Dec 31 2021 12:21 AM
‎Dec 31 2021 12:21 AM

Auto VPN

Hi All,

I am creating auto VPN between to MX appliances as VPN established but it disable internet traffic. When VPN disable/off internet traffic is enable and devices can access VPN. please guide.

0 Kudos
1 Accepted Solution
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 12:29 AM
‎Dec 31 2021 12:29 AM

Hi @Ubaidkhan , can you provide a bit more info on your setup?  What is the purpose of the auto-vpn? What resources are your users trying to access either side of the vpn? Are you placing all VLANs in the vpn? When you enable the vpn what traffic are you seeing on your wireshark traces (LAN and Internet)?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

0 Kudos
11 Replies 11
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 12:29 AM
‎Dec 31 2021 12:29 AM

Hi @Ubaidkhan , can you provide a bit more info on your setup?  What is the purpose of the auto-vpn? What resources are your users trying to access either side of the vpn? Are you placing all VLANs in the vpn? When you enable the vpn what traffic are you seeing on your wireshark traces (LAN and Internet)?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
Ubaidkhan
Here to help
‎Dec 31 2021 12:40 AM
‎Dec 31 2021 12:40 AM

Hi @DarrenOC i have two MX devices in two different countries. one in pak and other is in dubai My concern is to connect these two devices through auto VPN to access ERP application from pakistan. and internet also work on client machine through which i am access ERP. 

 

Auto VPN is established and user can access ERP but he is not accessing to internet. 

i hope u get my point and if not let me know 

thanks 

0 Kudos
In response to Ubaidkhan
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 1:20 AM
‎Dec 31 2021 1:20 AM

Hi @Ubaidkhan , is there an upstream firewall in Dubai? This is probably not aware of your IP subnets in Pakistan and is also probably blocking the internet traffic from that site.  Do you have access to that firewall to investigate?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
Ubaidkhan
Here to help
‎Dec 31 2021 1:23 AM
‎Dec 31 2021 1:23 AM

no there is no other firewall in Dubai. just there is MX firewall through we are managing over network in Dubai

0 Kudos
In response to Ubaidkhan
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 1:28 AM
‎Dec 31 2021 1:28 AM

Any chance you could provide a rough network diagram incl the subnets in question?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
Ubaidkhan
Here to help
‎Dec 31 2021 2:00 AM
‎Dec 31 2021 2:00 AM

@DarrenOC thanks for responses. Issue resolved. 

In response to Ubaidkhan
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 2:06 AM
‎Dec 31 2021 2:06 AM

Hi @Ubaidkhan , what did you do to resolve?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
Ubaidkhan
Here to help
‎Dec 31 2021 2:14 AM
‎Dec 31 2021 2:14 AM

As client is obtaining IP from DHCP server and obtaining an IP address from reserve IPs and I restart services of DHCP server and after that is obtain IP address from range which are allowed.

 

After that i have configure auto VPN Hub to Hub and then user can access internet.

In response to Ubaidkhan
Ubaidkhan
Here to help
‎Dec 31 2021 2:15 AM
‎Dec 31 2021 2:15 AM

These two things i have done. 

In response to Ubaidkhan
DarrenOC
Kind of a big deal
Kind of a big deal
‎Dec 31 2021 3:01 AM
‎Dec 31 2021 3:01 AM

So you had an IP conflict? But then surely the ERP traffic would have failed as well?

 

Glad to hear the issue is resolved.

 

See you in 2022

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
Ubaidkhan
Here to help
‎Dec 31 2021 3:09 AM
‎Dec 31 2021 3:09 AM

no i don't think that it is an IP confliction as there is only one device is connected with MX.  yes if it is IP conflict then ERP traffic also failed but ERP is accessible. as device is not in production environment just doing testing to take this device in production. 

 

According to my understanding, it is an DHCP error when i restart the services and release ip address from client machine issue is resolved. 

 

before this i have just reconfigure VPN. thanks for you support buddy. god bless you 

0 Kudos
li.common.scroll-to.top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.