Meraki

Community

MX84 Can't create inbound VPN policy.

Nopphakorn
New here
‎Jul 8 2019 9:39 PM
‎Jul 8 2019 9:39 PM

MX84 Can't create inbound VPN policy.

when I create policy of VPN tunnel. It will missing after save.

0 Kudos
5 Replies 5
General-Zod
Getting noticed
‎Jul 8 2019 10:21 PM
‎Jul 8 2019 10:21 PM

How strange.......I literally just experienced this issue but on a MX250. Then your email came through from the community forum. I made the vpn rules inbound and outbound they seemed to apply OK, however when I navigate elsewhere then back to the VPN config the inbound rules have disappeared. Outbound rules are ok, they remain. Running latest stable MX 14.39

 

So I'm in the same boat as you.

 

0 Kudos
In response to General-Zod
Nopphakorn
New here
‎Jul 8 2019 11:46 PM
‎Jul 8 2019 11:46 PM

And then what is the solution for this problem?

 

0 Kudos
In response to Nopphakorn
General-Zod
Getting noticed
‎Jul 9 2019 12:28 AM
‎Jul 9 2019 12:28 AM

I raised a case, see attached pic. It's a cosmetic issue, meaning the inbound vpn rules shouldn't be there at all. At least until they fix it. The pic is a extract from a document supplied to me by the TAC. I did notice (just now) a ! hover which states this but its much more discrete than the pic. Have asked for a ETA on fix.

Wish the problem was inversed though, would much rather limiting inbound initiated coms from a semi-trusted VPN peer.

 

Cheers

 

inbound_vpn_fw.PNG

In response to General-Zod
Nash
Kind of a big deal
‎Jul 9 2019 7:40 AM
‎Jul 9 2019 7:40 AM

I'm always surprised that the inbound site-to-site rules continue to show up. Hasn't this bug been chilling out for months now? It's very confusing.

Windows 10 Client VPN scripts: Makes life better!
0 Kudos
In response to Nash
General-Zod
Getting noticed
‎Jul 9 2019 6:26 PM
‎Jul 9 2019 6:26 PM

Tell me about it, I have never had to use them before until now.

 

This limitation means that I'll need to propose a different solution for this VPN setup.

 

So it looks like the MX's are no good for setting up multiple VPN peers for different 3rd parties who each need to "initiate" access to unique specific resources on the LAN side of the MX with security in mind.

 

Cheers

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.