Failed Dashboard WAN Status, but Can Still Ping IP

KRobert
Head in the Cloud

Failed Dashboard WAN Status, but Can Still Ping IP

I am having an issue that relates to a switch with a L3 interface setup for a Comcast EDI configuration. Please see the following community strings for how I set this up.

Long version https://community.meraki.com/t5/Switching/Meraki-and-Comcast-EDI/m-p/36808  - @BrechtSchamp 

Short version https://community.meraki.com/t5/Switching/30-and-29-comcast-edi-issue/m-p/37128

 

My MX250 appliances are setup to use a publicly routable network that Comcast provided. I have set this up as VLAN 3001 with a 55.100.100.0/27 network. If I were to just place the MX appliances in the VLAN, it would show that my WAN connection is up in the Meraki Dashboard. The problem I am running into is that we need to place an IPS pass-through appliance between the Comcast IPS and the MX appliances. When we do this, I can still ping the IP addresses successfully of the MX appliances, but the Dashboard is saying the WAN is failing.

 

Here is the topology layout:

 

Comcast's network provides a 50.10.20.30/30 network.

Comcast has 50.10.20.31 as the gateway.

I created a L3 interface (VLAN 3000) on our edge switch with an IP off 50.10.20.32. This creates a default route similar to what is seen in the links above.

Comcast provides a routable IP subnet 55.100.100.0/27.

I then created a 2nd L3 interface (VLAN 3001) with IP address 55.100.100.1.

The External IPS port is connected to the switch and is setup on VLAN 3001 with an IP of 55.100.100.2.

The Internal IPS port is connected to the switch and is setup on VLAN 3002.

The MX appliances have their WAN ports connected to the switch and are in VLAN 3002. 

 

Capture.PNG

I can ping all appliances and devices within the 55.100.100.0/27 network, but the dashboard is saying it is failing.

If I move the the MX WAN connections to VLAN 3001, the dashboard says it is active.

 

Has anyone ran into this issue and does anyone have a solution. It would be greatly appreciated.

 
CMNO, CCNA R+S
2 REPLIES 2
KRobert
Head in the Cloud

All IPs and VLANs are made up for privacy.
CMNO, CCNA R+S
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels