Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

VPN Registry Disconnected after Firmware Ver 17.10.2 to Latest Ver 18.107.2

Solved
AidanVenn
Here to help
‎Jul 10 2023 4:56 AM
‎Jul 10 2023 4:56 AM

VPN Registry Disconnected after Firmware Ver 17.10.2 to Latest Ver 18.107.2

Hi All,

 

Anyone experiencing VPN Registry Disconnected after upgrading to Ver 18.107.2 from ver 17.10.2. See Pic.

 

We are running a PoC with multiple MX450s in Warm Spare Mode using AutoVPN to connect spokes to DCs in hubs. See pics.

 

In each DC we have two pairs of MX450s. Oddly one pair can connect to the Registry but not the other. No outbound firewall filters but all inbound initiated blocked. It only started on firmware 18. Fine with 17.

 

Will raise with Meraki but wanted to know if its just me?

 

Many thanks

 

error 1.pngerror 2.png

 

 

Labels:
0 Kudos
Subscribe
1 Accepted Solution
RaphaelL
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 5:11 AM
‎Jul 10 2023 5:11 AM

We have 44 MX450s running MX18.107 and none are showing any errors related to VPN registry. 


Since it's a POC , I would reboot 1 set of MX450s , do a packet capture and look for any failed connections that or call Support !

View solution in original post

Subscribe
3 Replies 3
RaphaelL
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 5:11 AM
‎Jul 10 2023 5:11 AM

We have 44 MX450s running MX18.107 and none are showing any errors related to VPN registry. 


Since it's a POC , I would reboot 1 set of MX450s , do a packet capture and look for any failed connections that or call Support !

Subscribe
AidanVenn
Here to help
‎Jul 10 2023 5:15 AM
‎Jul 10 2023 5:15 AM

Thank you

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 12:58 PM
‎Jul 10 2023 12:58 PM

This is a common issue when you are running in VPN concentrator mode behind something doing NAT.  It is not related to the firmware version.  You just happened to trigger the issue through a reboot.

 

If you configure a manual UDP NAT port forward to the MX the issue will disappear.  As a bonus, this approach also allows more cases of AutoVPN failure to be recovered and allows for overall faster recovery.  I would recommend you change to this approach.

PhilipDAth_0-1689019045421.png

 

 

If you don't like the idea of increased fault tolerance and faster recovery, then you can follow this troubleshooting guide:

https://documentation.meraki.com/MX/Site-to-site_VPN/Meraki_Auto_VPN_-_Configuration_and_Troubleshoo... 

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.