Remote configuration

SOLVED
MerakiMed
Getting noticed

Remote configuration

We shipped a MX67 to an office that currently has an ISR for DMVPN and Cisco switch behind it for access. For some reason when connected to the WAN it was saying "Bad IP address assignment". And rather than the static IP address

and gateway - in the dashboard I was seeing a DHCP address assigned by Consolidated the ISP. The device would register and unregister, VPN would establish and then not be established. Not sure all what's going on. What would 

be the best way to get this configured remotely with all non-technical folks at the site? Clear the config and attach the Internet interface to the LAN so it can register to the cloud and then manually configure the WAN address once it's visible? 

1 ACCEPTED SOLUTION
cmr
Kind of a big deal
Kind of a big deal

@MerakiMed  what @KarstenI meant is that if you set up the WAN2 port, then connect it to a normal LAN access port, the firewall will register that way stably, allowing you to play with WAN1 and figure out the issue.  You should be able to convert it at the moment when the device appears in the dashboard as that feature is available (maybe only in 15.x firmware)

View solution in original post

7 REPLIES 7
CN
Meraki Alumni (Retired)
Meraki Alumni (Retired)

From what you've described, it sounds like the device is indeed checking in, albeit using DHCP. You should just be able to use the pencil icon next to WAN1 on the uplink tab. 

 

There are multiple reasons that you could be getting that error, but the most common cause is that the static gateway that you have defined is NOT responding to ARPs. Since the default gateway isn't responding it's not able to use the address that you have defined and will fail back to DHCP. A packet capture on the internet interface will help determine whether or not that's the case. If it is then, you'd likely need to talk to the ISP as to why there is no response. If it is simply a misconfiguration you can simply change via the dashboard.

 

MerakiMed
Getting noticed

Thanks much CN! 

 

 

KarstenI
Kind of a big deal
Kind of a big deal

Did you convert LAN2 to WAN2 before shipping the device to the location? Then you can connnect WAN2 anywhere in the network where the MX gets internet access and start troubleshooting WAN1.

 

We're too cheap for a WAN2! 

cmr
Kind of a big deal
Kind of a big deal

@MerakiMed  what @KarstenI meant is that if you set up the WAN2 port, then connect it to a normal LAN access port, the firewall will register that way stably, allowing you to play with WAN1 and figure out the issue.  You should be able to convert it at the moment when the device appears in the dashboard as that feature is available (maybe only in 15.x firmware)

MerakiMed
Getting noticed

Oh I see. So in Uplink, Add a Second WAN port which will be interface 2. Make it DHCP so it can phone home and go from there. Is that it?

KarstenI
Kind of a big deal
Kind of a big deal

Exactly! That can assist you in troubleshooting.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels