Meraki

Community

Can't access local vlans over vpn

joshxx
New here
‎Apr 6 2020 9:43 AM
‎Apr 6 2020 9:43 AM

Can't access local vlans over vpn

Good day i currently have an ip adress on my vpn subnet that is 192.168.88.0/24.

 

Im trying to connect to other devices on the vlan 192.168.78.0/24 but i can't , the meraki mx has an ip from this address (78) , but i can only access the internet and not devices on the network 78 over the vpn network 88.

 

i have this on the firewall settings but no success at all

 Captura.JPG

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 6 2020 11:13 AM
‎Apr 6 2020 11:13 AM

Before I go any further, the number #1 problem is Windows firewall.

 

Are you trying to access a Windows machine, and does it have Windows firewall enabled?  If so can you try disabling Windows firewall on the destination machine (the machine you are trying to access) and repeat the test.

 

If it still doesn't work, can you ping the IP address of the MX in that VLAN (192.168.78.0/24)?

0 Kudos
DHAnderson
Head in the Cloud
‎Apr 6 2020 1:52 PM
‎Apr 6 2020 1:52 PM

You could download Advanced IP Scanner (https://www.advanced-ip-scanner.com/), then run it on a PC connected to the VPN.  You would set the range to scan as  192.168.78.0/24.  It will then scan that network and you should see all the machines on that subnet.

 

 

Dave Anderson
0 Kudos
SopheakMang
Building a reputation
‎Apr 6 2020 10:32 PM
‎Apr 6 2020 10:32 PM

VPN rule by default is allow all , so i would like to recommend to ping from the VPN HUB to those subnet , make sure can reachable , verify flow of routing.
0 Kudos
WWWolf
Here to help
‎Apr 8 2020 9:02 AM
‎Apr 8 2020 9:02 AM

Can you ping the devices across subnets? Try both IP & hostname - If you can ping IP but not name, check DNS settings.  Be sure your internal DNS servers are listed under Security & SD-WAN > Client VPN under Custom nameservers.

 

If both fail, make sure you have the routes properly configured.  Are your VLANs configured under Security & SD-WAN > Addressing & VLANs?

 

You can also look under Security & SD-WAN > Route table to see what routes are available to your VPN users.  If the necessary routes aren't there, there will be communication problems.  If using a separate router to traverse VLANs, there either has to be a route on the MX to that router or the routes also need to be in the MX configuration.

0 Kudos
JamesFlorance
Here to help
‎Apr 8 2020 1:42 PM
‎Apr 8 2020 1:42 PM

Do you have both the source and destination subnets participating in the VPN? See below.

 

JamesFlorance_0-1586378513320.png

 

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.