Hi everyone. We're running into an issue since upgrading our old Cisco 2911 router to a Meraki MX68W at a divisional office. We currently have both the MPLS and Comcast connections being used as uplinks. At the moment, the MPLS is the primary connection until we have the Comcast bandwidth upgraded. We're unable to scan to e-mail or folder on a Ricoh copier over the MPLS connection but it works just fine over Comcast. Before we upgraded the 2911, we did not have any scanning issues so it doesn't appear ports 25 or 445 should be blocked. I didn't see any hits on our firewall considering this traffic should all be internal and the only thing I can think of that changed from a routing perspective at this site is the removal of BGP and use of static routes on our WAN and core switches.
I do have case open with Meraki support but wanted to post something here as well in case someone has come across something similar.
Error Message:
One thought…. are you running SD-WAN over the MPLS circuit or not? If not then all your traffic will be being NATed (unless you’ve had No NAT enabled). This means the traffic from the Ricoh will appear as coming from a different address, which could be why it’s failing if the mail server is locked down.
Hi Bruce. We do have a rule in place on our Firewall to NAT our MPLS subnets at our Meraki sites to a public IP from ATT.
MPLS IP - 172.17.250.X will NAT to 12.0.152.X
We don't see any traffic from the copier itself however hitting the Firewall. It shouldn't when scanning to a network folder or e-mail.
maybe its similar to this.
Hi WW. I did come across this article earlier in the week and we did try to specify the domain name on the copier but that did not work. It seems like Marc may have got lucky in that article.