Using the backup Cloud connection.

Richard_W
A model citizen

Using the backup Cloud connection.

I have a Z3 deployed in a office space that is like a shared office space but that it is actually a space in someone else's office. So a company has let us use their office.

 

I of course thought I was dealing with a traditional "shared office space."

 

The issue that we had is the room just had one Ethernet jack and no wireless. So we sent them a Z3 for both wireless and VPN functionality.

 

Of course we get "Connection to the Cisco Meraki Cloud is using the backup Cloud connection."

 

My guess is the office network is blocking UDP port 7351.

 

And now I have the "As part of ongoing efforts to improve the performance and resiliency of the Meraki Cloud we will be changing the IP addresses used by Cisco Meraki devices to contact the Meraki Cloud. One or more of your Meraki devices are unable to communicate with this new IP range…" message.

 

I'm guessing my only solution is to get a message through to the Office's IT dept. although I wonder if they may not be pleased about this device being on their network.

 

Thoughts?

 

3 REPLIES 3
SoCalRacer
Kind of a big deal

Not that this will solve your issue directly, but possibly swap the Z3 for a MR33. Then make the clients (I am assuming small Windows deployment) use a client VPN. This might make the other office IT happier instead of knowing there is another firewall and DHCP device in the network. 

 

Another option I would say is look at the topology and see if it is possible to get the one ethernet patched directly above their UTM, like in the carrier modem or CPE. Get a static public IP and then connect your Z3 to that port. Then you are using their internet, but not in their network.

Note that you can tell an MR33 to VPN tunnel an SSID back to an MX - so no client VPN required.

https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/SSID_Tunneling_and_Layer_3_Roamin...

PhilipDAth
Kind of a big deal
Kind of a big deal

All you can do is given them the Meraki firewall rules and say you need that.

 

You could also try asking if them can open up udp/7351 to any and see what happens.  It might be easier.

 

 

Note that AutoVPN should still work - this will just get rid of the warning in the dashboard.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels