VPN registry connectivity change

Lander
Here to help

VPN registry connectivity change

Hi expert

 

I user MX with non-meraki device to config site to site vpn.   but no establish vpn tunnel.  There are a lot of event log  for "VPN registry connectivity change"  Why ??

1 Reply 1
Adam
Kind of a big deal

You'll want to double check your VPN settings on both sides.  There should be some clues in the event log that will point you in the right direction.  https://documentation.meraki.com/MX-Z/Site-to-site_VPN/Troubleshooting_Non-Meraki_Site-to-site_VPN_P...

 

Here are some things you'll want to double check.  If you are connecting to a non Meraki site then setup your MX as a Hub and configure the remote site down in the Non-Meraki VPN peers section. 

 

Double check these things to make sure they match the far side

1. 'Private subnets' should be the same or in some case supernets of remote site

2. IPsec policies should match exactly

3. Preshared secret

4. All networks or apply to your internal networks

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels