Hi, we have recently replaced our office firewall with a Merki MX. I wrote a powershell scirpt to create a client VPN connection to the Meraki, and this is working for the most part, however there are two issues I am having some trouble with.
First we cannot ping or connect to computers on the client VPN. VPN clients can connect to our local network but not to other computers on the VPN and office computers also cannot connect to computers on the VPN. I have tried disabling the Windows firewall, and gone through the Meraki VPN setting but so far I am stumped.
I have also not been able to get computers on the VPN to registery there IP addresses with the DNS server. I found a blog post discussing this, and the recommendation was to edit the "rasphone.pbk" files setting the IPDNSFlags parameter to 3
$RASPhoneBook = "C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk"
(Get-Content $RASPhoneBook) -Replace 'IpDnsFlags=0', 'IpDnsFlags=3' | Set-Content $RASPhoneBook
This did set the TCP/IPv4 DNS settings for the connection to register the IP with DNS, but so far it is not working.
Thanks in advance for any help you can offer!
Are the remote computers running their own internal firewalls that could be blocking traffic?
What method of user authentication are you using for the vpn?
If using Meraki for the VPN and windows for everything else you need to set.
(Get-Content -path $PbkPath -Raw) -Replace 'UseRasCredentials=1','UseRasCredentials=0' | Set-Content -pat $PbkPath
Hey Guys thanks for the replies. The Meraki is acting as the gateway router for the internal computers, so it doesn't seem like it could be a routing problem. Also VPN computers can connect to the internal network.
VPN clients are authenticating against radius with their Windows credentials, and an authentication problem wouldn't seem to explain not being able to ping other computers.
I don't have any policies applied to the VPN network, and I have tried disabling the windows firewall....
I guess I'll open a ticket on this... I'll reply back when I get a solution.
Looks like the problem here was with Symantec. Our symantec antivirus includes its own firewall settings and was blocking the IP subnet on the meraki VPN. Adding a rule to allow this subnet fixed the problem. Thanks for all of the replies and help!