Meraki

framosCTLink · ‎Mar 24 2020

Hi,

can someone assist me on settings needed for Client using client VPN as they cannot reach any host configured under static routes. Below are the things/settings I've done to give you a whole grasp of the picture

Client VPN subnet (172.x.x.x)

MX Subnet 192.x.x.246

3rd party router (directly connected to MX84 Switch port)

192.x.x.1

192.x.x.254

for LAN, access all configured static routes are accessible but when connecting to Client VPN, ping and connectivity is impossible. I've perform static route but traffic stopped to Meraki

Layer 3 firewall rules, I've allowed 172.x.x.x going to 192.x.x.x

on 3rd party router, created static route going to 172.x.x.x next hop to 192.x.x.246 (meraki mx)

Is there anything I've missed here?

Franco Ramos

Johnfnadez · ‎Mar 24 2020

Try to configure a point to point subnet /30 for sample 192.168.100.0/30 between the 3rt party router and try to ping the MX side and the the 3rt party side.

The reconfigure the static route.

Something to take in count, have you check the static routes in the other router? bc would it be that the packet is arriving but it doesn`t know how to reply the message.

so try to configure a static route to the vpn client subnet in the 3rt party router.

Regards,

Johnny Fernandez
Network & Security Engineer
CCNP | JNCIP-SEC | CMNA

andy0609 · ‎Mar 25 2020

Also, what do you have any rules in your firewall to allow this traffic?

framosCTLink · ‎Apr 1 2020

Hi @andy0609 ,

I dont have any rules for this.

I tried creating one being my Client VPN segment as my source and destination is the next hop IP but i think i didn't worked so i've removed it.

Franco Ramos

Meraki

Community

Client VPN cant reach configured static routes

Client VPN cant reach configured static routes