Meraki MX 100 - Change to WAN 1 IP info / Client VPN unable to

Solved
VincentM
Here to help

We are upgrading our internet circuit and router; the ISP provided new IP information; WAN 1 IP information was edited with new IP info; and Virtual IP info was updated with new IP since we have a warm spare configuration.

Internet access was available, however, client VPN did not complete any connections.  I was forced to revert back to the old circuit.  Any ideas as to why VPN clients were unable to connect to the MX?

1 Accepted Solution

It turns out that the new router was not configured properly.  I should have known better than to think that the Meraki was to blame.

12 Replies
cmr
Kind of a big deal

Are the client VPNs set to go to a name or an IP address? Either way, you might need to change the connection setup.

They are set to go to a name.  What type of change to the connection setup do you think is required?

cmr
Kind of a big deal

The name will be set on your DNS, something like vpn.company.com.  If you look at your DNS records for the domain company.com, you will find a host record (A record) called vpn, and this will be set to the old virtual IP address; change it to the new vIP and you should be good to go.

PhilipDAth
Kind of a big deal

Client VPN only works on one WAN interface at a time.  It uses whatever is configured as the "Primary Uplink" under "Security & SD-WAN/SD-WAN & Traffic Shaping".

Yes, which is why I've configured all of our clients to connect to the host name as opposed to the IP address so when there is a fail-over to WAN 2 or we update our circuit IP info, they will (in theory) still be able to connect. Unfortunately for me, this wasn't the case.

cmr
Kind of a big deal

You need to switch the DNS record to point to the new IP when you change the primary uplink.

I searched my DNS records and there is no entry for the Meraki VPN - the only entry for this device is the name of the firewall with the LAN Gateway address.

cmr
Kind of a big deal

If the VPN config has a host name in it then there must be an associated public DNS record for it.  To find where the public DNS is, go to mxtoolbox.com and look up the domain (company.com); the default will return the MX records, but from the dropdown you can select DNS check and it will tell you where the DNS is hosted.  You will then need to log in to that provider's platform and manage the records for your domain.

Thanks again for looking into this.  I spoke to Meraki today and the DNS server that the MX uses is an AWS instance leased by Cisco in San Francisco.  They gave me a procedure to follow to update the WAN 1 info and allow an update to the DNS.  I will be testing this over the weekend or on Monday evening and I will report back.

I’ve confirmed that the DNS record updates with the new circuit virtual IP.  It appears now that the issue is with the new router; UDP ports 500 & 4500 may not be open to allow any 3rd party VPN tunnels and client VPN tunnels. Waiting on the ISP to confirm.

It turns out that the new router was not configured properly.  I should have known better than to think that the Meraki was to blame.

I also want to point out that authentication for clients is done through the Meraki Cloud, not AD.
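The thread boils down to two conditions that must hold after the WAN 1 / virtual IP change: the public A record clients dial must resolve to the new virtual IP, and the upstream router must pass UDP 500 and 4500 to the MX. Below is an added post-cutover check written for this thread (not code from Meraki or any poster); the host name, addresses and allowed-port list are placeholders, and the resolver is injectable so the logic can be exercised without live DNS.

```python
# Added example: post-cutover sanity check for Meraki client VPN after a WAN 1 / vIP change.
# Findings mirror the failure modes in the thread: a stale A record and UDP 500/4500
# not being forwarded by the new ISP router. All names and addresses are placeholders.
import socket

# L2TP/IPsec client VPN needs IKE (UDP 500) and NAT-T (UDP 4500) to reach the MX.
IPSEC_UDP_PORTS = {500, 4500}


def resolve_a_records(hostname):
    """Return the set of IPv4 addresses the system resolver returns for hostname."""
    return {info[4][0] for info in socket.getaddrinfo(hostname, None, socket.AF_INET)}


def check_vpn_cutover(hostname, new_vip, old_vip, router_udp_allow, resolve=resolve_a_records):
    """Return a list of findings; an empty list means both cutover conditions hold.

    router_udp_allow is the set of inbound UDP ports the upstream router forwards to
    the MX (taken from its configuration). resolve may be replaced for offline tests.
    """
    findings = []
    try:
        addrs = resolve(hostname)
    except socket.gaierror as exc:
        return [f"{hostname} does not resolve: {exc}"]
    if not addrs:
        findings.append(f"{hostname} has no A record; clients cannot locate the MX")
    if old_vip in addrs:
        findings.append(f"{hostname} still resolves to the old vIP {old_vip} (stale record or cached TTL)")
    if new_vip not in addrs:
        findings.append(f"{hostname} does not resolve to the new vIP {new_vip}")
    unexpected = addrs - {new_vip, old_vip}
    if unexpected:
        findings.append(f"{hostname} also resolves to unexpected addresses {sorted(unexpected)}")
    missing = IPSEC_UDP_PORTS - set(router_udp_allow)
    if missing:
        findings.append(f"router does not forward UDP {sorted(missing)} to the MX; IPsec will not establish")
    return findings


if __name__ == "__main__":
    # Constructed inputs: placeholder host name and RFC 5737 documentation addresses.
    for finding in check_vpn_cutover("vpn.example.com", "203.0.113.10", "198.51.100.10", [500, 4500]):
        print("FAIL:", finding)
```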
