Can't ping the MX84 out of the box

getnyce32
Conversationalist

Can't ping the MX84 out of the box

I have an MX84 I just took out of the box. I accessed the device through the management interface and assigned a static IP address to Internet 1.  I'm green on the lights and up in the switch.  From it's Default Gateway (my distribution switch) I can't ping the IP address of the MX84.  I can however see it in the cam table and arp table.  This is really making me feel dumb.

7 Replies 7
Adam
Kind of a big deal

Without knowing more about your config it is hard to say.  But here is a general setup.

 

Create Vlan interface on the MX?  Example

10.0.2.0/24

10.0.2.1

Vlan 2

 

Then setup say port 1 on the MX as Trunk, native vlan 2, allowed vlans (2,and whatever else).

 

Then the uplink on the switch connected to Port 1 on the MX should also be trunk, native vlan 2, allowed vlans (match whatever you did above).

 

From the switch Tools>Ping you should be able to ping 10.0.2.1 provided you haven't setup any ACLs on the switches or Firewall rules on the MX.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
getnyce32
Conversationalist

There is not config.. this is out of the box setup.  I took the device out of the box.  Connected a cable to the managment port and went to setup.meraki.com which is local to the box.  Gave port 1 an IP address and plugged it into my switch.   I can't ping that interface from my switch (Default Gateway)

MerakiDave
Meraki Employee
Meraki Employee

So when you got into the local MX config and saw the local "Connection" page you probably saw the "Something's not right" message saying the MX was trying to join a network or find a working connection.  Then you went to the "Configure" tab, and under the "Uplink configuration" section, set the static IP, netmask, default gateway and DNS server.  At that point, if you plug in the MX84 on Internet Port 1 to your switch and get a link light, you should be able to ping the MX84's static IP address from another device on that same VLAN and get replies.  (And if there's Internet connectivity the MX will begin trying to contact the cloud, download firmware & the config if you've already got it configured in Dashboard.)  If no pings, double check the settings and perhaps try it with and without VLAN tagging enabled.  If you're plugging it into a dot1q port on your switch make sure the tag is correct and/or confirm dot1q settings on the switch, and if there's no trunking make sure VLAN tagging is disabled on the MX and try it that way.  

getnyce32
Conversationalist

Exactly what I did.. It's an access port going to my switch so naturally I didn't put trunk on that screen.  I'm going to go back there now, unplug the cable from the Meraki and plug it into my PC to see if I can ping the DG. 

getnyce32
Conversationalist

Just went into my data center and unpluggd the cable from port/internet 1 on the meraki and plugged it into my laptop.  I gave my machine the same IP address as the Meraki and I was able to ping my DG and my DG was able to ping me. 

Adam
Kind of a big deal

You mentioned that the DG could not ping the MX but when its connected to the MX can the MX ping the DG (may not have the option if it isn't checking in to the internet)?

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Adam
Kind of a big deal

Ah sorry I misunderstood.  So "your switch" is upstream on the WAN side.  I can't remember what the default configuration is but double check Security Appliance>Firewall the 'ICMP Ping' section. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels