Meraki

Community

Client VPN can ping only some computers

Solved
ITJosh
Conversationalist
‎Jul 7 2021 9:57 AM
‎Jul 7 2021 9:57 AM

Client VPN can ping only some computers

My network is consisted of multiple VLANS:

 

management 10 (192.168.10.0/24)

wired clients 100 (192.168.100.0/23)

wireless clients 200 (192.168.200.0/23)

and the VPN subnet (192.168.30.0/25)

 

I am able to connect to the VPN successfully, and I am able to ping all the default gateways for each VLAN. However, I do not see any pattern with what I can ping and what I cannot. I can ping a few clients in VLAN 100, and a few in 200. The few that I can ping are laptops, desktops, mobile phones, APs, etc. But I also cannot ping a few desktops, laptops (of the same model and OS).

 

For example, right now I am trying to remote desktop from a VPN client into a wired windows desktop on VLAN 100. I allowed remote desktop connections on the windows machine. I can remote into it from another windows machine on the same VLAN, but not from the VPN client.

 

I just barely implemented this network less than a week ago, so I have not added any firewall rules. All connections between SSIDs are allowed. Is there something else I can check for?

0 Kudos
1 Accepted Solution
In response to ITJosh
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 7 2021 2:59 PM
‎Jul 7 2021 2:59 PM

Could you add a rule to allow inbound traffic from the subnet allocated for client VPN.

View solution in original post

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 7 2021 2:42 PM
‎Jul 7 2021 2:42 PM

My guess - Windows firewall on the machine you are trying to access.  If you turn Windows firewall off on the destination machine does it work?

0 Kudos
In response to PhilipDAth
ITJosh
Conversationalist
‎Jul 7 2021 2:56 PM
‎Jul 7 2021 2:56 PM

Yes, I am able to connect to it without the firewall. Is there a certain rule that I have to add to the host's firewall?

0 Kudos
In response to ITJosh
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 7 2021 2:59 PM
‎Jul 7 2021 2:59 PM

Could you add a rule to allow inbound traffic from the subnet allocated for client VPN.

0 Kudos
In response to PhilipDAth
ITJosh
Conversationalist
‎Jul 7 2021 3:09 PM
‎Jul 7 2021 3:09 PM

That worked! Thank you so much for your help!

0 Kudos
shreyakith
New here
‎Sep 30 2021 1:03 AM
‎Sep 30 2021 1:03 AM

can you run a packet sniffer such as Wireshark while having a continuous ping -t to your file server

you can check the issue

also do you have VLANs?   incorrect VLAN or IP address in the file server can cause this issue.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.