I have a MX-85
i have it setup and working.. Site to site, VPN and Local connections.
I keep an eye on the event logs, Here are some events i need help fixing or understanding..
- DHCP problem not enough addresses. (needing to expand the subnet to /23) when i try to do this it appears one of the site to site communications doesn't work..
- VLAN mismatch - Its on default VLAN 0
- Security & SD-WAN -> Route Table: shows some red on local connection.
I would like some help configuring to become more stable and reliable.
check system logs for more details..
Can you show your configurations? Do you have a topology? Do you have a switch below MX?
ok I will try to lay it all out to easily see and understand the setup..
Internet--> 1.MX85 - Downlink to SW1->downlink to SW2 & SW3..
my setup and network isn't complex.. i have 3x 48 port switches
LAN is 192.168.1.0/24
I have remote/cloud access to all equipment.. if need to maybe do a remote session sometime to look at things closer.. I know pictures can be tough at times..
MX85
Unify Devices
SW2
SW1
SW3
DHCP Status
Hi,
Well, It's non Meraki peer VPN, do you have access to Peer? On peer probably is configured subnet 192.168.1.0/24 as interesting traffic, so who configured it, needs to change the interesting traffic for 192.168.1.0/23 after change your configuration mask on MX.
On Vlan Mismatch I can see that It's another IP range 192.168.137.x. Do You have another DHCP server on your network? If not, you have to investigate it.
ok, makes sense
- i will have to check into the peer, Our heaquaters in korea has established that vpn.
- DHCP i re-structured our whole building, upgraded to cat6a and updated all network equipment..
there are only those devices listed. MX85, Unify switches and Ap's, ( i have taken all netgear routers and other devices they had everywhere ) I will investigate and see if i can locate it.. the MX-85 should be only one thats DHCP server..
I have looked for any DHCP server and i can not seem to find it anywhere..
- i have located device in the client list..shows online and has correct IP, Look at pic
i dont know what the other IP range is. i looked in to route tables. I can not seem to identify it..
device is online, Mac address compare to event log.
event log.
ddid not find any DHCP server on that IP range
useing the IP address
correct DHCP server..only 1
I can see tow different IPs for the same Mac Address:
192.168.137.2 and 192.168.137.5, according Mac Vendors the MAC Address 04:7b:cb:15:ed:59 Is a Universal Global Scientific Industrial Co., Ltd., It looks like an Access Point (I'm not sure).
Do you have some access point with this MAC?
Any chance it's a static IP host?
Have you tried to find this mac on MAC address table of your switches?
So i discovered where it is located
Sw2 on port3..It appears to be a VOIP phone Yealink SIP-T46S i will check tomarow to see what settings it is.. its possible it was setup useing a static IP..
Found the MAC/Device - I Disabled port
So i found Sw2- port 3 connecting to Voip phone -> Pc port from phone connecting to -> a 8port switch and from switch -> going to printer (MAC we been searching for) and lenovo labtop (setup as static IP 192.168.137.1)
Solution: Made sure both printer and labtop is DHCP..
HP Printer
Lenovo Labtop
Great 😄
Thank for your help with understanding what was going on with issue i don't see that coming up anymore.
this is what's showing now,
- Non-Meraki / Client VPN negotiation (not sure if this is a normal msg just stating a non-Meraki connection being made) It must be a peer config on korea end..
- I need to re-subnet to a /23 because we are reaching the threshold. less than 30% (not critical but i would like to work on what i need for doing that)
It looks fine now.
Now you just need to change the interesting traffic for 192.168.1.0/23 after change your configuration mask on interface VLAN on MX.