I have an MX64 that I don't want to use as an internet router/connection but I would like to use it as a VPN server behind a Linksys MR8300. The Mr8300 only supports passthrough not VPN server capable. Can this be done and if so some instruction would be greatly appreciated.
Not working. I am missing something I'm sure. The MX is now connected from the linksys builtin switch going to the MX internet port. What am I missing here? Thanks
That is just the ip meraki see from the cloud, and the ip you use to connect the vpn session to. The ip the mx has is under the uplink section.
You see any vpn logging in the event log?
This is what the log shows.....
|msg: ISAKMP-SA established XXX.XXX.XXX.XXX-18.104.22.168 spi:3cb7ed9bf940c327:50f9aab696cb1a33|
|Mar 24 15:38:59||Non-Meraki / Client VPN negotiation||msg: invalid DH group 19.|
|Mar 24 15:38:59||Non-Meraki / Client VPN negotiation||msg: invalid DH group 20.|
Have you had this working previously without the Linksys or is this the first time setting up client VPN? Did you follow Client VPN configuration for your client from here? https://documentation.meraki.com/MX/Client_VPN/Client_VPN_OS_Configuration
There is also a nice doc about troubleshooting client VPN you may go through (if you did not already): https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN
Try this: https://aerovisionit.co.uk/pptp-and-l2tp-port-forwarding/ It is also mentioned in the troubleshooting link I shared above. The only part I think is wrong (or at least I disagree) is needing to port forward UDP/1701. UDP/1701 is used, but outbound only and should not be opened for unsolicited inbound connections.
The reason I think you need that is because now your L2TP server is behind NAT.