Meraki

Community

Client VPN Firewall Ports

Solved
rafaelertel
Here to help
‎Apr 6 2020 2:54 PM
‎Apr 6 2020 2:54 PM

Client VPN Firewall Ports

Hey All,

 

I won't feel bad if you flame me with a RTFM, but does anyone know off hand which ports one would have to open on a firewall sitting in front of a Hub MX to let Meraki ClientVPN traffic (L2TP/IPSEC) through to said Hub?

 

UDP 500, UDP 4500, ESP 50, AH 51...? anything else, or not one of these?

 

Thanks,

 

rif

0 Kudos
1 Accepted Solution
In response to DarrenOC
DarrenOC
Kind of a big deal
Kind of a big deal
‎Apr 6 2020 3:14 PM
‎Apr 6 2020 3:14 PM

TShoot doc

 

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Resolving_NetBIOS_names_ov...

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

5 Replies 5
DarrenOC
Kind of a big deal
Kind of a big deal
‎Apr 6 2020 3:10 PM
‎Apr 6 2020 3:10 PM

UDP 500 and 4500

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
DarrenOC
Kind of a big deal
Kind of a big deal
‎Apr 6 2020 3:14 PM
‎Apr 6 2020 3:14 PM

TShoot doc

 

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Resolving_NetBIOS_names_ov...

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
rafaelertel
Here to help
‎Apr 6 2020 4:00 PM
‎Apr 6 2020 4:00 PM

Thanks man now i'll RTFM 😉

 

rif

In response to rafaelertel
DarrenOC
Kind of a big deal
Kind of a big deal
‎Apr 6 2020 10:01 PM
‎Apr 6 2020 10:01 PM

🤣😂 no worries @rafaelertel . Enjoy, it’s an excellent read

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
cvwordragen
Here to help
‎Nov 22 2020 7:34 AM
‎Nov 22 2020 7:34 AM

Today I had the same issue.

Port Forwarding UDP 500 and UDP 4500 to the inside LAN-adres of the hub will do.

Advise: test your Client VPN with a iPad or iPhone. This worked for me, immediately.

With the Apple clients you will see UDP 500 and UDP 4500 is okay.

MS Windows has problems with NAT-T (NAT Traversal) for ages.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.