Site-to-Site VPN working on wireless connection but not on LAN

Johann
Getting noticed

Site-to-Site VPN working on wireless connection but not on LAN

Greetings all,

 

Hope somebody can help on this one.

I have a MX68 at the headend connected into my core switch and a MX68CW at a branch site on 4G.

 

From the branch site I can connect via WiFi to the MX68CW, then I can use the 4G connection and I'm then able to ping my MX68 and have access to all network resources located after that (I had to add my dns servers onto the wireless nic to get this working)

But as soon as I connect to my MX68CW with a LAN cable, I cannot access my network at all, all pings fail, I've tried changing the dns settings for the nic, as I did for WiFi, did not help, all other settings are the same.

 

I am really stumped on this one, if anybody can shed some more light on this or if you need any other info on the setup, let me know.

 

Thx

6 Replies 6
cmr
Kind of a big deal
Kind of a big deal

Are they set up as an SD-WAN hub and a spoke or two hubs?

Do you get an IP address from the same subnet with wired or wireless?

Do you have any ACLs configured?

Is the SSID bridged to the LAN or another option?

 

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Johann
Getting noticed

Are they set up as an SD-WAN hub and a spoke or two hubs? - Yes, MX68 is the Hub and MX68CW a Spoke

Do you get an IP address from the same subnet with wired or wireless? On wireless yes, on the subnet I set, on wired no

Do you have any ACLs configured? No ACL's configured

Is the SSID bridged to the LAN or another option? No, not that I'm aware of

Jwiley78
Building a reputation

Go to Security & SD-WAN-> Site to Site VPN

Check under VPN settings and ensure your local network are set to "on" under VPN participation.

Jwiley78
Building a reputation

Jwiley78_0-1581508362548.png

 

Johann
Getting noticed

Hi, the VPN was set to On

Annotation 2020-02-12 120738.png

 

Johann
Getting noticed

Hi all,

 

So I think I found the problem, I looked in the Per-port VLAN Settings and LAN ports were disabled by default! Haven't seen this before, not sure why it would be disabled, anyway I've enabled them now and will head out to the branch to test.

 

Thx

 
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels