Meraki

MattMunhall · ‎Dec 12 2023

I have a MX250 setup a concentrator in our DC and a MX95 setup as a test device. I have successfully setup a VPN tunnel via BGP and can ping and connect to my internal network via IP address. However I am not able to via its hostname. For DHCP on the MX95 I have specified the DNS server I am wanting to connect and my computer does connect and see it. If I try RDPing into a boxes IP address it will however the hostname will not and I am not able to ping it either. What am I missing?

Thanks.

alemabrahao · ‎Dec 12 2023

This could be due to a few different factors.

Ensure that the DNS server specified in the DHCP settings of the MX95 is able to resolve the hostnames for your internal network.

Check the DNS settings on the client devices. They should be configured to use the DNS server that can resolve the hostnames of your internal network. If a public DNS server (like 8.8.8.8) is used, it won’t be able to resolve internal network hostnames.

If you recently made changes to your DNS entries, it might take some time for the changes to propagate through the network.

Check if there are any firewall rules that might be blocking DNS traffic.

Make sure that the VPN configuration allows for DNS traffic to pass through. In some cases, you might need to adjust the settings of your VPN to allow for this.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MattMunhall · ‎Dec 12 2023

DHCP can resolve hostname as this works on our Cisco equipment, just not Meraki currently. My ipconfig does show my internal networks DNS. Not DNS changes have been made. This is a test network, with currently no firewall rules in places.

I am not sure where I would make changes on the VPN config for DNS traffic to flow through as when I am got site to site VPN this site is a spoke and do not see an option for this.

alemabrahao · ‎Dec 12 2023

An easier question to answer, can you ping the DNS server IP from the client machine? Or even a tracert?

Otherwise, do a packet capture.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MattMunhall · ‎Dec 12 2023

Yes, I can successfully do a ping and also traceroute to my DNS server from my machine that is connected to the MX.

alemabrahao · ‎Dec 12 2023

What about the DNS suffix, is the client receiving it via DHCP?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MattMunhall · ‎Dec 12 2023

If I do a ping of the FQDN of an internal server it can ping and also connect, just unable to connect to the hostname of the box. yes, the client is receiving DNS via DHCP as well.

alemabrahao · ‎Dec 12 2023

I don't see any routing issues in this case. Which suggests that it could be something on the server or some blockage on the network. I suggest you open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

RaphaelL · ‎Dec 12 2023

The easiest way to troubleshoot that would be to run multi-point packet capture. One on your MX spoke LAN , MX spoke Site-To-Site and one on your MX HUB site-to-site. This will help you to narrow down where the issue is.

If you do a nslookup y.y.y.y x.x.x.x ( where x.x.x.x is your DNS server ) and you try a query, does it work ?

Meraki

Community

DNS issue with BGP

DNS issue with BGP