Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki Client VPN Suddenly Stopped Working

Seppic
Conversationalist
‎Dec 3 2019 7:27 AM
‎Dec 3 2019 7:27 AM

Meraki Client VPN Suddenly Stopped Working

We have been using the Meraki Client VPN for over a year now for a few users with zero issues.  Randomly during the holiday week last week it stopped working.  No one was working so no changes/updates were made and I can not get it functioning again.

 

It's setup to use Active Directory and the Domain Controller and Bind user are all still functioning properly and I've rebooted it to be sure.  I have not rebooted the actual MX device as of yet.2019-12-03 10_20_39-Window.png2019-12-03 10_21_11-Window.png

 

See error message and relevant log.

 

I've already tried adding the Registry fix for the Error 809 found here (https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_789)

 

Any other ideas?

 

 

0 Kudos
12 Replies 12
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 3 2019 7:30 AM
‎Dec 3 2019 7:30 AM

Does it work if you use rasphone.exe to establish the connection?

 

What OS are the problem clients using?

0 Kudos
In response to PhilipDAth
Seppic
Conversationalist
‎Dec 3 2019 7:34 AM
‎Dec 3 2019 7:34 AM

It does not work using rasphone.exe either, thank you for the suggestion though.

These are all Windows 10 machines. Some are 1709 others 1809, same issue.
0 Kudos
Nash
Kind of a big deal
‎Dec 3 2019 7:34 AM
‎Dec 3 2019 7:34 AM

What OS is it not working on?

 

What happens if you rebuild the VPN connection from scratch?

 

What happens when you use rasphone.exe directly in Windows?

 

If you're having issues with Win10, I've got scripts in my signature that you can harvest from. Read the comments to understand what each piece does.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
Seppic
Conversationalist
‎Dec 3 2019 7:50 AM
‎Dec 3 2019 7:50 AM

It's not working on Windows 10 1709 or 1809. Those are the two OS's we use like I stated above. I'm currently testing on my machine which is 1809.

I tried rebuilding it from scratch and see the same errors in the event log. I tried using your scripts. And got the same errors in the event log. And I tried using rasphone.exe directly. Same errors in the event log.
0 Kudos
In response to Seppic
Nash
Kind of a big deal
‎Dec 3 2019 7:59 AM
‎Dec 3 2019 7:59 AM

So you're still getting 809 errors on your end point?

 

Is your MX behind NAT?

 

Any errors on your AD server?

 

Any different with Meraki cloud credential?

 

Have you called support?

 

Edit: Also, did you reboot after adding the registry key? Won't take effect otherwise.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
SoCalRacer
Kind of a big deal
‎Dec 3 2019 10:40 AM
‎Dec 3 2019 10:40 AM

Some items to check.

 

Are all endpoints not able to VPN in?

Have the AD domain admin creds changed?

Certificate on the server expired?

LAN IP of the AD server changed?

In response to SoCalRacer
Nash
Kind of a big deal
‎Dec 3 2019 11:00 AM
‎Dec 3 2019 11:00 AM

Certificate is a great item to check. We had one expire and mysteriously 802.11x just up and stopped working on us

so mysterious

until we got a systems engineer to check the AD server and, ah ha, wouldn't you know it.

Windows 10 Client VPN scripts: Makes life better!
0 Kudos
In response to Nash
Seppic
Conversationalist
‎Dec 4 2019 2:14 PM
‎Dec 4 2019 2:14 PM

No expiring certs. Checked that after you responded though so thanks for the idea!

0 Kudos
In response to SoCalRacer
Seppic
Conversationalist
‎Dec 4 2019 2:14 PM
‎Dec 4 2019 2:14 PM

All endpoints unable to VPN. No credential changes. No expired certs. No LAN IP of AD changes lol. It's funny finding a few threads just like this that all have different resolutions and none are seeming to work. Really frustrating.
0 Kudos
pplenge
Meraki Employee
Meraki Employee
‎Dec 3 2019 3:47 PM
‎Dec 3 2019 3:47 PM

If you haven't done so already, double-check the security settings of the VPN adapter, found via "VPN > Change adapter options under Related settings." Should be 'allow these protocols" with only PAP selected.PAP.png

In response to pplenge
Seppic
Conversationalist
‎Dec 5 2019 4:08 AM
‎Dec 5 2019 4:08 AM

Already made sure of this as well. Thanks though!

0 Kudos
In response to Seppic
SoCalRacer
Kind of a big deal
‎Dec 5 2019 9:20 AM
‎Dec 5 2019 9:20 AM

If these are Dell machines make sure you remove SmartByte. 

 

https://community.meraki.com/t5/Network-Wide/Dell-Laptops-and-VPN-access/m-p/12826#M321

 

Device is not trying to VPN in from behind the MX?

 

Windows 10 Pro?

 

Is Xbox Live Networking Service off?

 

Also to verify you have encryption set to optional, not required on the adapter properties?

 

Any other 3rd-Party Software affecting these systems (Endpoint security, AV, etc.)?

 

Tried limited boot with majority of services/programs disabled?

 

Uninstalled any existing VPN software?

 

Checked Windows Reliability Monitor for recent updates/issues/performance?

 

Tried network reset? (netsh int ip reset)

 

Have you tried a different device to VPN in with? (using a phone helps to rule that it an MS issue and not Meraki )

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.