Site-to-site VPN not passing Microsoft network traffic at all.
I have six Meraki appliances (1 MX84, 2 MX67 and three MX64W). I have set up the site-to-site VPN so that:
1. There are two hubs: the MX84 and the MX67. Those two talk to each other. Sort of.
2. The three MX64s are "spokes" and they connect to both "hubs", the MX84 and the MX67. They have to for DNS and AD use.
2a. All of the VPNs are reporting as up and running.
3. I CAN ping, by IP and by name (so DNS resolves).
4. I CAN RDP from the MX84 network to the MX67 network, then back.
5. I CANNOT do a "net view" on ANYTHING, including NAS devices. (I can get to the web GUI of the devices, with a browser.)
6. I CANNOT map network drives to remote networks.
7. I CANNOT do a \\machinename\ from Windows Explorer.
8. My Active Directory is currently FAILING to replicate.
Any ideas why? It's like all the Microsoft traffic is just being dropped.
There are no rules on the VPNs to restrict any traffic. Do I need to add an explicit allow?
Never mind, found the issue:
SonicWalls treat VPN traffic differently than Meraki. SonicWalls bind the rules to a "zone" (LAN, WAN, VPN) and you can set different rules per zone. So I thought the layer 7 rules on the Meraki were only for LAN -> WAN traffic, but it's also applying them to site-to-site VPN traffic.
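
The symptom pattern in this post (tunnels up, ping and RDP working, SMB and AD replication failing) can be separated from a routing or tunnel fault by probing the specific service ports from one site to the other. The PowerShell script below is an added example, not part of the original post; the host names are placeholders to replace with a domain controller or file server at the remote site.

```powershell
# Added example. Host names are placeholders (assumptions), not from the post.
param(
    [string[]]$RemoteHosts = @('dc01.remote.example', 'fs01.remote.example')
)

# Ports behind the symptoms listed in the post.
$ports = [ordered]@{
    'RDP (worked in the post)'             = 3389
    'SMB (net view, \\machinename, drives)' = 445
    'NetBIOS session'                      = 139
    'RPC endpoint mapper (AD replication)' = 135
    'LDAP'                                 = 389
    'Kerberos'                             = 88
}

foreach ($h in $RemoteHosts) {
    # ICMP reachability: tells us the tunnel and routing are working at all.
    $ping = Test-Connection -ComputerName $h -Count 1 -Quiet

    # TCP connect test per service; -InformationLevel Quiet returns $true/$false.
    $results = foreach ($name in $ports.Keys) {
        [pscustomobject]@{
            Host    = $h
            Service = $name
            Port    = $ports[$name]
            Open    = Test-NetConnection -ComputerName $h -Port $ports[$name] `
                          -InformationLevel Quiet -WarningAction SilentlyContinue
        }
    }
    $results | Format-Table -AutoSize

    $open   = @($results | Where-Object { $_.Open })
    $closed = @($results | Where-Object { -not $_.Open })

    # Only ports the target really listens on are meaningful
    # (a NAS will not answer on 88 or 389, for example).
    if (-not $ping -and $open.Count -eq 0) {
        "${h}: nothing reachable -> check tunnel status and routing first"
    }
    elseif ($closed.Count -gt 0) {
        "${h}: reachable, but some services blocked -> review firewall and layer 7 rules on both ends of the VPN"
    }
    else {
        "${h}: all probed ports open -> if net view still fails, suspect application-layer filtering, name resolution or authentication"
    }
}
```

A layer 7 rule may let the TCP handshake complete before it classifies the flow, so a port that shows open while `net view` still fails is consistent with application-layer filtering rather than evidence against it.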