Meraki

MerakiMed · ‎Oct 22 2020

Is there any impact on LAN to LAN tunnels if I enable Client VPN on hub MX 250? I imagine not. But as I have many spokes connecting to it I want to be certain.

Also the MX sites behind an ASA firewall. What ports need to be open to the MX 250 for client VPN to work?

Thank you.

Michael

Bruce · ‎Oct 22 2020

The client VPN uses L2TP/IPSec, you’ll need UDP500 and UDP4500 passed through for the ASA. This and other troubleshooting hints can be found here https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN.

So far as impact, yes it will have an impact. How much that impact is depends on how many clients connect. Have you checked the MX sizing guide?https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

View solution in original post

Bruce · ‎Oct 22 2020

The client VPN uses L2TP/IPSec, you’ll need UDP500 and UDP4500 passed through for the ASA. This and other troubleshooting hints can be found here https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN.

So far as impact, yes it will have an impact. How much that impact is depends on how many clients connect. Have you checked the MX sizing guide?https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

MerakiMed · ‎Oct 22 2020

Well initially there will be no clients connecting. So it's just a question of whether turning the service on itself causes and interruption to the spoke to hub LAN to LAN traffic. I imagine - but like I say need to be sure.

Meraki

Community

Enabling Client VPN MX 250

Enabling Client VPN MX 250