AutoVPN constantly dropping over Starlink

Network_Eng
Comes here often

AutoVPN constantly dropping over Starlink

We have a fleet of 150+ Meraki MX67's at users homes and have begun to see more and more Starlink users.

 

It has now become a regular process to restart a handful of Meraki's on a daily basis because the autoVPN's are unable to reconnect for an unknown reason.  The Starlink users are the majority of these problem systems.

 

Looking at one of them, the logs are filled with the autoVPN constantly dropping and reestablishing.

 

Network_Eng_0-1718750467620.png

 

I am tempted to blame the ISP, but I'm hoping that there are some tips and tricks to improve the reliability of these systems.  Does anybody have some advice?

3 Replies 3
PhilipDAth
Kind of a big deal
Kind of a big deal

The AutoVPN hub they connect to - does it have a public IP address directly on it?

 

If not, if it is sitting behind something else doing NAT, then configure a static IP and port in the AutoVPN hub settings, and configure the firewall doing NAT to port forward the UDP port specified.  This will make it a LOT more solid.

 

PhilipDAth_0-1718752289280.png

 

Network_Eng
Comes here often

We are currently using the automatic method that relies upon the cloud.  

 

Are there issues with this method versus manual?  I'm interested in hearing the reasoning behind your recommendation.  If I'm going to recommend the change, it will help me explain why the downtime is required.

kchand
Meraki Employee
Meraki Employee

Hello,

Are you observing any significant packet loss at the time of the issue? You can check the loss percentage by navigating to the Appliance status page --> Uplink tab ---> Packet loss to 8.8.8.8.

If you found this post helpful, please give it kudos.
If my answer solved your problem, click "accept as solution" so that others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels