Can't Ping vMX(in Azure) from MX appliance (Branch office)

Tarmahmood1
Getting noticed

Can't Ping vMX(in Azure) from MX appliance (Branch office)

Hi,

 

I am having trouble to ping vMX(private IP) from MX appliance. If i ping public IP from MX appliances it works fine but not private IP. It was working fine 3 days back but for some unkown reason vMX went down but after restart i noticed its working fine but not pingable from Branch office MX appliance.

If i ping from any VM inside Azure, i do get response from vMX.

 

I am suspecting vMX is faulty, maybe need to redeploy?

 

vMX: connector

MX: 5 MX appliances accessing servers in Azure through vMX.

NSG at Azure: Allowed any any

FW Rules in MX: Allowed any any

FW vMX: Allowed any any

 

Tariqmahmood_0-1668433119738.png

 

 

Summary:

1. All servers in Azure can ping clients in LAN behind MX

2. All clients can ping servers in Azure through vMX.

3. All servers in Azure can ping vMX(private ip).

4. MX appliances cant ping vMX(before it was working) but after crash i noticed this issue.

 

Note: Two weeks back i upgrded vMX to 17.10.x version and it crashed, after reboot it gets stable for few seconds than again goes down, Meraki downloaded to older version 16.16.6 and it was stable for 1 week and then it went down but came up after reboot and is stable as of now.

 

What can be the reason? Thanks in advance. 

4 REPLIES 4
alemabrahao
Kind of a big deal
Kind of a big deal

Well,  If you performed a downgrade and the issue still happening, maybe the best option is to open a support case. They are able to collect more information.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Thank you for reply. Yes, i have opened the case with Meraki, waiting for their action. Thought maybe someone has experienced the same issue.

I had some issues with version 17.10.x  but after downgrading It to version 16.16.6 I had no more issues. But I can't confirm if It is the same in your case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Yesterday I had a call with support, and we were able to find the solution. We added the meraki vMX subnet to vMX S2S VPN from meraki dashboard and the Ping started to work from MX to vMX and vice versa. but before i didn't have such subnet added and it was working fine as well. Technically it should not have pinged before for (1 year :)) without adding vMX subnet. So, in conclusion the downgrade has nothing to do with this Ping failure between MX and vMX, it was configuration error.

Get notified when there are additional replies to this discussion.