MX 17.10.2 - can't connect via Client VPN

nbit
New here

MX 17.10.2 - can't connect via Client VPN

I have two uplinks. When I switched to the new one, VPN stopped connecting. I now switched back to Wan1 and it still won't connect.

 

Where do I find any inf/log for this or how do I troubleshoot this?

 

Thank you.

8 REPLIES 8
PhilipDAth
Kind of a big deal
Kind of a big deal

Are you using the Microsoft L2TP client or Cisco AnyConnect?

 

Are you connecting to the dynamic DNS name on the MX or a hard coded WAN IP?

 

Does the MX have a public IP on each WAN circuit directly configured on the MX, or is one/both uplinks plugged into something NATing to a private IP on the MX WAN interface?

Two separate ISPs plugged into WAN1 and WAN2. IPs. The first one had a name and everyone connected to that for years.

 

And no AnyConnect, just regular Mac OS VPN.

alemabrahao
Kind of a big deal
Kind of a big deal

Have you tested It wirh another OS?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Frank-NL
Getting noticed

Hi,

 

You can find logging in the event log, filter on "Non-Meraki / CLient VPN" events.

 

Switching between uplinks with the client VPN is tricky, especially when it's a short period of time. Like Philip is saying it depends on the way you are trying to connect.

 

Nothing in the log for yesterday. 

I tried connecting now and it stayed connected. Weird.

Frank-NL
Getting noticed

Definitely something with the MX, we’ve had difficulties as well with failovers but usually it’s up and running quite fast. Do you think its something in the 17 version?

alemabrahao
Kind of a big deal
Kind of a big deal

If It's a Windows machine you can take a look on Windows event viewer. 

 

https://documentation.meraki.com/MX/Client_VPN/Guided_Client_VPN_Troubleshooting#Common_Windows_erro....

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
nbit
New here

The next morning I tested and it worked, again. Thank you, all for the responses.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels