Internal network URLs are being blocked by MX

VinoyMohan
Getting noticed


Hello Everyone,

We have recently started facing a weird issue: the client is unable to access any of the internal network HTTPS URLs, while the internet is working fine. We have tried taking packet captures and don't see anything weird in them. Has anyone faced these kinds of issues?

Note: Client is connected to the MX (Spoke) and the Spoke is connected to the MX (Hub) via a Site2Site tunnel.

Some networks under the Organization are facing this issue and some networks are working fine. We have even compared the configuration between the working and non-working MXs and they look exactly similar.

GreenMan
Meraki Employee

Hard to help with this one, without a lot more information. If you haven't already, I'd recommend opening a case with Meraki Support - they will have access to so much more information to help you.

Thanks Green, have already opened a case and they had asked us to change the MTU and still no luck there. Just wanted to check if anyone had faced similar issues with MX recently.

The main problem is that any URL within our internal network is not working but internet works fine. In the packet capture also we don't find any issues and external firewall rules are also allowed.

ww
Kind of a big deal

What do you mean no issues in packet capture?

You see the DNS request and response?

You see the client TCP SYN to the web server?

You see a SYN-ACK coming from the web server?

If you browse the IP instead of the URL does it work?

VinoyMohan
Getting noticed

@ww Thanks for your reply.

I had a look at the packet capture and found out that when the client is using TLSv1, the server is not sending any response, and it works perfectly with TLSv1.2. This does mean that the Meraki MX does not support TLSv1, and how does this work with Internet URLs?

Any reason why you can't use TLSv1.2?

GreenMan
Meraki Employee

If this traffic is passing over AutoVPN (and it sounds like it is) there's no mechanism I'm aware of, by which MX would specifically block TLSv1 (over other versions of TLS, for example). Have you got your MXs configured to send syslog events to a central server? If so, what if anything are you getting for the times you're testing? At what points in the network and on what interfaces are you taking the packet captures?

What version(s) of MX firmware are you running?
Was this previously working and now has stopped?
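
Added example, not part of the original thread: when comparing a failing and a working capture by TLS version, it helps to read the version fields straight from the ClientHello bytes, because the record-layer version, the legacy `client_version` and the `supported_versions` extension can all differ. The function names and the sample bytes below are constructed for illustration and are not taken from the poster's capture.

```python
import struct

NAMES = {0x0301: "TLSv1.0", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2", 0x0304: "TLSv1.3"}

def parse_client_hello(record: bytes) -> dict:
    """Report record-layer, legacy and highest offered TLS version.
    Assumes the whole ClientHello sits in one TLS record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    rver = int.from_bytes(record[1:3], "big")
    hlen = int.from_bytes(record[6:9], "big")
    hello = record[9:9 + hlen]
    if hlen < 35 or len(hello) < hlen:
        raise ValueError("truncated ClientHello")
    legacy = int.from_bytes(hello[0:2], "big")
    offered = []
    try:
        pos = 34                                              # version(2) + random(32)
        pos += 1 + hello[pos]                                 # session_id
        pos += 2 + int.from_bytes(hello[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + hello[pos]                                 # compression_methods
    except IndexError:
        raise ValueError("truncated ClientHello") from None
    end = pos + 2 + int.from_bytes(hello[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= min(end, len(hello)):                    # walk the extensions
        etype, elen = struct.unpack("!HH", hello[pos:pos + 4])
        data = hello[pos + 4:pos + 4 + elen]
        if etype == 43 and data:                              # supported_versions
            offered = [int.from_bytes(data[i:i + 2], "big") for i in range(1, 1 + data[0], 2)]
        pos += 4 + elen
    known = [v for v in offered if v in NAMES] or [legacy]    # ignore GREASE/unknown values
    name = lambda v: NAMES.get(v, hex(v))
    return {"record": name(rver), "legacy": name(legacy), "highest": name(max(known))}

def build_sample(legacy: int, supported=()) -> bytes:
    """Constructed ClientHello record used as demo input."""
    ext = b""
    if supported:
        vers = b"".join(v.to_bytes(2, "big") for v in supported)
        ext = struct.pack("!HHB", 43, len(vers) + 1, len(vers)) + vers
    hello = (legacy.to_bytes(2, "big") + bytes(32) + b"\x00"  # version, random, empty session_id
             + b"\x00\x02\x00\x2f" + b"\x01\x00"              # one cipher suite, null compression
             + (len(ext).to_bytes(2, "big") + ext if ext else b""))
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 0x16, 0x0301, len(hs)) + hs    # record layer says 0x0301

if __name__ == "__main__":
    for sample in (build_sample(0x0301), build_sample(0x0303),
                   build_sample(0x0303, (0x7A7A, 0x0304, 0x0303))):
        print(parse_client_hello(sample))
```

All three constructed records carry 0x0301 at the record layer, so that field alone does not tell a TLSv1.0-only client apart from one offering TLSv1.2 or TLSv1.3.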
