Client VPN Connections via Mac - Success Based on ISP/Location?

Reis
Conversationalist

Client VPN Connections via Mac - Success Based on ISP/Location?

Greetings:

I have about 20 Mac users connecting to our MX-250 via client VPN, but a handful of them experience issues, depending on their location. More specifically, the issues occur depending on what Internet connection they are on. I've confirmed that the user described below can get on the VPN and access shares via IP just fine when connected to mobile hotspot, but as soon as they switch to the home WiFi they cannot.

For example, User1 connects to VPN in Location1 and can reach shares via IP no problem. Then they travel to Location2 and the VPN connects, but they cannot reach shares via IP.

 

I found this and was hoping it would be the fix:

https://community.meraki.com/t5/forums/replypage/board-id/security/message-id/21878

 

But alas changing the device order in terminal did not affect the situation. Has anyone seen/experienced this as well? This is Mac-only, OSX Mojave & Catalina. 100% of my PCs connect perfectly fine.

I appreciate any suggestions.

 

Reis

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal

This is typically an issue with the way the ISP router does NAT (specifically with regard to UDP).  You can often resolve it by having the user upgrade the firmware on their ISP router.

Reis
Conversationalist

Philip:

 

Thank you. I will try that. Appreciate the tip.

 

Reis

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels