Client VPN on Beta MX 15.14

John_R_Gudmann
Here to help

Client VPN on Beta MX 15.14

Hi

Just want to share that Client VPN from Apple IoS / Windows 10 is not working on MX65W and beta MX15.14.

Downgrading to MX 14.39 solved the problem.

Br John

4 Replies 4
Nash
Kind of a big deal

Thanks for the heads up. Could you describe what wasn't working?

PhilipDAth
Kind of a big deal
Kind of a big deal

There was a change to stronger ciphers at some point, and the removal of DES.

 

I wonder if that was it.

 

At what point does it fail?  Do you get to enter a username/password?  Does it come back with an error message?

Nash
Kind of a big deal

Mmm, I could definitely see older clients being unhappy at being asked for stronger ciphers. In reading the patch notes, that looks like it applies to site-to-site tunnels? "The DES encryption algorithm is no longer supported for use in formation of VPN tunnels." If I recall correctly, the existing client VPN defaults to 3DES already... no DES involved.

 

There's also this under known issues: "client VPN users cannot communicate across non-Meraki VPN tunnels"

 

So uh, personally, looks like I'm really unlikely to be using 15 until the beta gets less beta-y.

 

Hi.

Yes, I got username / password prompt on both IOS/ and Windows 10 devices. However it never allow access just timeout.

I have tried with two account on Merkia (1 with MFA and 1 regularly) did not have any impact. Sune after downgrade to latest stable version it works again. I did not see any information in log files on Meraki.

 

  

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels