Meraki

Community

Mysterious IP in traceroute on SD-Wan

Solved
from_afar
Building a reputation
‎Sep 11 2024 7:21 AM
‎Sep 11 2024 7:21 AM

Mysterious IP in traceroute on SD-Wan

I'm trying to track down an issue where local DNS is not working for any of our SD-Wan users. It's been happening since last Friday afternoon and there's no fix in sight (Have a ticket open with ATT who we get Meraki through). While troubleshooting, I tried running a traceroute from SD-Wan location to a device on the LAN via IP address. Our LAN is 192.168.111.0/24, Anyconnect 192.168.112.0/24, SD-Wan 192.168.113.0/24 and I have VPN set up so I can remote in to the SD-Wan location to try to figure out this issue and that ip is 192.168.114.0/24. However, when I run a traceroute to something on the LAN from SD-Wan location, the first hop is to 192.168.100.1 which I do not recognize at all. Is there some way to figure out who/what this address is? I cannot ping/ssh/http to it from either the LAN, SD-Wan location nor either appliance.  The second hop is the server I'm tracing so the trace completes, I just don't understand where this IP is coming from. Could it be an internal address Meraki uses for NAT or something? Since we are leasing from ATT, I unfortunately don't have full admin access to the Meraki interface, so apologies if it is something obvious. 

Labels:
0 Kudos
1 Accepted Solution
In response to cmr
from_afar
Building a reputation
‎Sep 11 2024 1:04 PM
‎Sep 11 2024 1:04 PM

Turns out it was the router IP address at the SD-Wan location. 

 

Trying to figure out what is going on, I started disabling WAN interface (I have/had 2 connections at each location; fiber and cable at LAN and fiber and cable at SD-Wan location). After disabling one of the WAN interfaces at the SD-Wan location, I was unable to VPN back in there to continue testing. Looking further, I saw that the SD-Wan VPN tunnel is for some reason connecting to the backup/failover/WAN 2 IP address at the LAN location. I also noticed that the IPv6 status is "failed" for WAN2 at the LAN location. I'm going to try to unplug the LAn WAN2 interface and see what happens. 

View solution in original post

4 Replies 4
cmr
Kind of a big deal
Kind of a big deal
‎Sep 11 2024 8:00 AM
‎Sep 11 2024 8:00 AM

Could 192.168.100.1 be the WAN IP on the MX, or it's default gateway IP on the ATT equipment?

If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to cmr
from_afar
Building a reputation
‎Sep 11 2024 1:04 PM
‎Sep 11 2024 1:04 PM

Turns out it was the router IP address at the SD-Wan location. 

 

Trying to figure out what is going on, I started disabling WAN interface (I have/had 2 connections at each location; fiber and cable at LAN and fiber and cable at SD-Wan location). After disabling one of the WAN interfaces at the SD-Wan location, I was unable to VPN back in there to continue testing. Looking further, I saw that the SD-Wan VPN tunnel is for some reason connecting to the backup/failover/WAN 2 IP address at the LAN location. I also noticed that the IPv6 status is "failed" for WAN2 at the LAN location. I'm going to try to unplug the LAn WAN2 interface and see what happens. 

Tac7
Meraki Employee
Meraki Employee
‎Sep 11 2024 8:05 AM
‎Sep 11 2024 8:05 AM

The MX does not have any internal IP address in the subnet of 192.168.100.0/24. Please use the Tools on the MX to see if you have an ARP entry for that. You might be able to find the MAC address using that IP. 

In response to Tac7
from_afar
Building a reputation
‎Sep 11 2024 8:12 AM
‎Sep 11 2024 8:12 AM

Thanks for the reply. That IP address does not appear in the ARP table on either appliance (the SD-Wan spoke nor LAN hub). 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.