Meraki Community

Eric_G · ‎Sep 27 2022

Using an MX84 with MX 16.16. I am testing Meraki's Client VPN using both L2TP/IPsec and AnyConnect. In both cases, my device is connecting to the VPN but not getting a full DHCP configuration. It receives an IP address but no subnet mask and assigns itself as the default gateway. There is no way to add a DHCP scope on the MX84. I configured a DHCP scope on the core switch in my lab environment, but that also did not work - there is no way to point Client VPN to any helper address. Has anyone had any luck with configuring Meraki's Client VPN services, either L2TP with IPsec or using AnyConnect? Open to any and all suggestions.

Ryan_Miles · ‎Sep 27 2022

Whether using L2TP or AnyConnect the client subnet definition is configured the same way by specifying the subnet and mask in x.x.x.x/x format. That is the scope definition.

Eric_G · ‎Sep 27 2022

It's not an option on the DHCP configuration page - can't have a subnet conflicting with the VPN subnet. Specifying the subnet/mask on the Client VPN configuration page creates the DHCP for IP assignment, but it does not send mask or gateway settings. Which leads to another question - is an MX required at each end of the VPN, remote location and main/headquarters? If so, that would defeat the purpose of remote VPNs in a world of working from home.

Meraki Community

Client VPN DHCP Configuration

Client VPN DHCP Configuration