Meraki MX VPN HOSTNAME DNS reply issue

sjlee
Comes here often

Meraki MX VPN HOSTNAME DNS reply issue

Dear

I have issue about MX VPN HOSTNAME DNS reply.

 

The local users cannot client sslvpn via enter the URL in cisco anyconnect program.

when the local users tried, they receive fail message.

but, MX VPN WAN IP address ping was normally working.

 

sjlee_2-1707974577086.png

 

 

So, I checked nslookup DNS query,, It was failed.

sjlee_1-1707974432427.png

 

Have you been faced this issue?

If right, How to did resolve it?

 

I appreciate If you share it.

 

Thank you,

Best Regards.

6 Replies 6
jimmyt234
Building a reputation

See the FAQ at the bottom of this page: AnyConnect on the MX Appliance - Cisco Meraki Documentation

 

In short, you cannot establish AnyConnect from within the network.

sjlee
Comes here often

I checked.

I already was using it as a URL that was set up by default.

alemabrahao
Kind of a big deal
Kind of a big deal

You can create a DNS entry in your domain manager pointing to your MX's public IP.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
sjlee
Comes here often

I was using it as a URL that was set up by default. I don't know at what point it started not working, but I recognized it after the customer asked me, and I didn't change any settings until this point.

PhilipDAth
Kind of a big deal
Kind of a big deal

If you repeat the nslookup but do it against Googles 8.8.8.8 server does it work?

 

Does your MX have a public IP on its WAN interface, or is it sitting behind another device doing NAT?

 

Are you doing the test from outside of your network?  It won't work when testing from the inside.

 

Do you live in a country that could be filtering your Internet access?

sjlee
Comes here often

I was using it as a URL that was set up by default. I don't know at what point it started not working, but I recognized it after the customer asked me, and I didn't change any settings until this point.

 

there is some NAT rule due to something service related to voice.

However, regardless of this, the DNS call response worked normally, so there was no problem in trying the Anyconnect SSLVPN connection through the URL.

 

I also change local DNS from Private IP to 8.8.8.8 and tried DNS query.
But It was still no working DNS reply.

Get notified when there are additional replies to this discussion.