Non-Meraki VPN peers / can't connect

Ezzatcs

Dears,

After greetings, I want to make a VPN tunnel between two MXs in different organizations.

First one

- Here we're in the Egypt organization

egypt.png

I configured Morocco's public IP and its subnet

- Here we're in the Morocco organization

moroccoo.png

But it doesn't work; I followed many topics here but with no luck.

Note: when checking the logs I found this:

Screenshot_4.png

When searching for this error, I can find in Meraki Dashboard this FIPS

2 REPLIES
GIdenJoe

You should not run in FIPS mode at both sites. I don't believe this option is available by default though.

You should first check if your VPN is up (Security & SD-WAN -> VPN status).

If it is not up you will need to troubleshoot.
You can start by capturing UDP/500 and 4500 on your internet link at both sites and see if they complete their negotiation or not. You can do this capture directly from the dashboard in Network-wide -> Packet capture.
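
Added example, not part of the thread or of Meraki's tooling: one way to read the UDP/500 and UDP/4500 capture suggested in the reply above, by decoding the fixed IKE header of each UDP payload and reporting whether the exchange is one-way, stuck in phase 1, or reached phase 2. The packet tuples, the function names and the 192.0.2.1 address are assumptions constructed for illustration; extracting the UDP payloads from the capture file is left to your capture tool.

```python
import struct

# Exchange-type numbers for IKEv1 (ISAKMP) and IKEv2.
EXCHANGE = {2: "v1 Main Mode", 4: "v1 Aggressive Mode", 5: "v1 Informational",
            32: "v1 Quick Mode", 34: "v2 IKE_SA_INIT", 35: "v2 IKE_AUTH",
            36: "v2 CREATE_CHILD_SA", 37: "v2 INFORMATIONAL"}
PHASE2 = {"v1 Quick Mode", "v2 IKE_AUTH"}  # exchanges that set up the IPsec SA

def parse_ike(port, payload):
    """Decode the fixed 28-byte IKE header of one UDP payload; None if not IKE."""
    if port == 4500:
        if payload[:4] != bytes(4):
            return None            # ESP-in-UDP or NAT keepalive, not IKE
        payload = payload[4:]      # drop the 4-byte non-ESP marker
    if len(payload) < 28:
        return None
    i_spi, r_spi, _np, ver, xchg, _flags, _mid, _len = struct.unpack(
        "!8s8sBBBBII", payload[:28])
    return {"version": ver >> 4, "responder_spi_set": r_spi != bytes(8),
            "exchange": EXCHANGE.get(xchg, f"unknown({xchg})")}

def diagnose(packets):
    """packets: (src_ip, ike_port, udp_payload) tuples covering both directions."""
    by_src = {}
    for src, port, payload in packets:
        hdr = parse_ike(port, payload)
        if hdr:
            by_src.setdefault(src, set()).add(hdr["exchange"])
    if not by_src:
        return "no IKE packets: nothing is initiating the tunnel"
    if len(by_src) == 1:
        return f"one-way: only {next(iter(by_src))} is sending, peer never answers"
    if not any(ex & PHASE2 for ex in by_src.values()):
        return "two-way, but phase 1 never progresses to phase 2"
    return "two-way and phase 2 was attempted"

def sample_header(r_spi, version, exchange):
    """Build a constructed IKE header (no payloads) for the demo below."""
    return struct.pack("!8s8sBBBBII", b"\x11" * 8, r_spi, 0, version << 4,
                       exchange, 0, 0, 28)

if __name__ == "__main__":
    # Constructed capture: 192.0.2.1 retries Main Mode message 1, no reply.
    retry = sample_header(bytes(8), 1, 2)
    print(diagnose([("192.0.2.1", 500, retry)] * 3))
```

A "phase 2 was attempted" result only shows that the peers got that far; whether the tunnel is actually up is still what the VPN status page reports.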

PhilipDAth

You haven't filled in the local or remote ID.

The local ID is the IP address configured on your primary Internet interface. The Remote ID is the same value but what you configured on the remote MX.
