More than one VPN client at same location?

SOLVED
lmorel
Getting noticed

More than one VPN client at same location?

I apologize in advance if this is a super dumb question. But I have a married WFH from same location and they can only connect one at a time. 2 separate laptops (assigned individually), Windows 10, built-in VPN client, full tunnel and RADIUS with AD. I actually watched the consistent behavior while I was pinging continuously. I had the Wife connected, pinging her VPN client IP, all fine. Then her Husband started to connect, showing as "Connecting..." while it seems to be in that state for a while and I can see his Wife's VPN IP immediately and fully dropping packets but NOT disconnecting. After what seems to be 20-30 seconds, the Husband gets the red error message about "The network connection between your computer and the VPN server.... (firewalls, NAT,...)". Right then I can see that the successful pinging is resuming on the Wife's laptop. If I have her disconnect and her husband connects, the reverse is also happening when she tries to connect and is already connected, consistently. As if the MX250 (running beta 15.34) only accepts one VPN client at a time from that public IP address where the married couple is located. Any suggestions or ideas?

1 ACCEPTED SOLUTION
SoCalRacer
Kind of a big deal

Do you have the option of reverting the mx250 to stable firmware?

View solution in original post

5 REPLIES 5
SoCalRacer
Kind of a big deal

Do you have the option of reverting the mx250 to stable firmware?

Thank you @SoCalRacer ! I could definitely try that. I was just wondering if that is something others have ever experienced. I remember running into that over 15 years ago through an ASA and AnyConnect only allowing one connection at a time from a VPN client and we could change that setting/value. I can't remember the details. But I guess our workforce has been working in the office most of the time in the last 4 years since we became Meraki customers and this is a "new" one right now. 

 

If anyone else has any input or suggestions, please let me know or share this here. I will try to revert to stable firmware this coming weekend.

SoCalRacer
Kind of a big deal

I tested this with 2 W10 clients behind the same public IP behind an MX84 to a different org behind a MX250 with 14.42 and found no issues.

 

I would suggest:

Reverting firmware to 14.42

Test with 2 W10 clients behind a different connection (ruling it as an issue with their ISP or config)

Check the IP config at their house and what type of router/device they are behind and its config

Check if ISP has any known issues with this type of thing

 

Thank you very much @SoCalRacer ! 

 

I checked and confirmed their subnets didn't conflict with anything. They are traveling right now. Used Comcast in California at home and using Spectrum right now in NC. I do not routers specifics.

 

I also tried myself right now and ran into same issue through AT&T fiber and also tested through AT&T wireless and hotspot. So getting consistently same problem/behavior. I am going to revert to 14.42.

 

Should I call support in case it is a setting they can adjust manually under beta or don't even bother?

That sounds bad, really good testing and you should absolutely push your testing and findings to the Meraki team! Good job!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels