Meraki

Community

Issue trying to set up remote access to Pen Test device

PJB
Here to help
‎Feb 15 2024 9:32 AM
‎Feb 15 2024 9:32 AM

Issue trying to set up remote access to Pen Test device

Hi all,

 

I have a Raspberry Pi connected to a MS switch in its own Vlan and for the some reason I cannot connect or even ping the device remotely. I have set up 1to 1 Nat from my Public IP but still no joy. Any help much appreciated

0 Kudos
8 Replies 8
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 15 2024 9:50 AM
‎Feb 15 2024 9:50 AM

Do you have any firewall rules configured that could be blocking access?
Is the MX's public IP configured directly on the MX's WAN? Is this IP behind a CGNAT?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
PJB
Here to help
‎Feb 15 2024 12:01 PM
‎Feb 15 2024 12:01 PM

Hi no I dont see any rules blocking, very simple set up;

PJB_0-1708027280590.png

 

0 Kudos
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Feb 15 2024 10:51 AM
‎Feb 15 2024 10:51 AM

If the device is open using port forwarding be aware this isn't secure, using a VPN would be a better approach. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 15 2024 11:58 AM
‎Feb 15 2024 11:58 AM

Are you trying to ping your device from inside or outside of your network?

 

Does the Raspberry Pi have a firewall on it, and if so, is ping allowed?

0 Kudos
In response to PhilipDAth
PJB
Here to help
‎Feb 15 2024 3:59 PM
‎Feb 15 2024 3:59 PM

I am trying to ping from outside my network. Ping is allowed and there i no FW on the Pi

0 Kudos
In response to PJB
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 15 2024 4:04 PM
‎Feb 15 2024 4:04 PM

Ping will not work in 1:1 NAT, only access to the specific port that you have allowed will work.

My advice is not to open this communication to the internet but to set up a Site to Site VPN which is more secure.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
PJB
Here to help
‎Feb 16 2024 12:33 AM
‎Feb 16 2024 12:33 AM

Ok many thanks. Setting up Site to Site VPN is easy enough to a non Meraki Device?

0 Kudos
In response to PJB
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 16 2024 3:17 AM
‎Feb 16 2024 3:17 AM

Yes,

 

https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-Site_VPN_Settings#Non-Meraki_VPN_Peers

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.