- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Site to Site VPN is not working as espected
Hallo,
we've setup a new meraki envirenment.
Site A: MX250, working as Hub
Site B: MX250, working as Spoke
Site C: MX65, working as Spoke
vpn between Site A an Site C is working fine.
vpn between Site A and Site B has a problem:
the direction from Site B to Site A is working fine, but the direction from Site A to Site B not.
For example, if we copy a file from Site B to Site A it is working.
But if we copy a file from Site A to Site B it does not work or is extremly slow.
in general the connection from Site A to Site B is very bad.
We have checked all internet connections on every site, everything is ok.
Also client vpn on Site A and Site B is working fine.
We have deleted all rules on the site to site firewall.
Also the networks are routed through the vpn.
But it is not working.
Has anybody an idea whats the problem?
Any help is appreciated.
Thanks a lot.
Oliver
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Is there any SD-WAN policy or traffic shaping enabled on Site A? Also, I suggest taking packet captures to see where those packet drops are.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are the connections at site B set up with the correct bandwidth under the menu item below, it is critical that they match the actua available bandwidth for both up and down.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It sounds to me like you are experiencing an MTU squeeze.
Try changing it on a test machine to something like 1400 and see if that changes the behaviour.
https://myrandomtechblog.com/cryptomining/change-mtu-size-in-windows-10/
If it does resolve the problem, you just need to change it on the servers being accessed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, That is an idea we also had
but with all Servers?
It doesnt matter if smb, http or rdp.
everything is Slow
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If it is an MTU squeeze it will be affecting all TCP based protocols to all devices.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
But with our old Cisco VPN Routers everything works fine.
Two weeks ago we setup the meraki environment.
Everything works fine thince thursday last week.
And possibly the problem appears?
Thats what i dont understand
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the problem also appears when i'm pinging from one mx direct to the other mx about the tools section.
So the problem can't be at the server site.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
no, there Is no SD-WAN policy or traffic shaping enabled on Site A.
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Finally, it was a problem with our internet provider.
Everythings works fine now.