VPN using Windows VPN Gateway Server

Johann
Getting noticed


Hi all,

I hope someone can help; not sure if I'm missing the obvious here. So my client has a small network with a few VMs (AD, FS) hosted in a Hyper-V environment. They currently have a SonicWall firewall and I was looking to replace it with a Meraki MX64. Crucially, the off-site users (+-50) connect to the office via a Windows VPN server; they use the built-in Windows VPN client with an installed certificate to authenticate via AD.

I set up the Meraki firewall exactly as the SonicWall; everything worked perfectly except for the VPN. Users get the generic message "connection failed because host failed to respond". Am I missing something in getting this to work? As an aside, I did set up one user on the Meraki with a Client VPN connection and it worked, but I would like to keep the Windows VPN server if possible.

Any help would be appreciated.

ww
Kind of a big deal

Did you forward TCP/UDP ports at the MX to the VPN server?

Johann
Getting noticed

Hi ww, when I checked the SonicWall rules, I never came across any implicit port forward rules, so I never created them on the Meraki. Logging back into the VPN server, I can see there are ports open for 1723 (PPTP) and 500/4500 (L2TP/IKEv). I think I will add these and then run a packet capture to see the results. Thanks for the heads up.

DarrenOC
Kind of a big deal

Hi @Johann, packet capture is your friend here. Run it on the Internet and LAN interfaces to see what is or isn’t happening.

But as @ww states below, you probably just need to set up your port forwarding for the VPN traffic to your VPN server.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

Hi UCcert, I think @ww has pointed me in the right direction; as you also mentioned, I will also run the packet capture to see what is happening, thx.
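The WAN-versus-LAN capture comparison suggested in the thread, as an added example that is not part of any post above and is not Meraki or Microsoft code. It assumes each capture has been exported to CSV rows with the columns `proto,src,sport,dst,dport`; the function names, addresses and sample rows are constructed for illustration, and only the ports (TCP 1723, UDP 500/4500) come from the thread.

```python
import csv
import io

# Ports named in the thread as open on the Windows VPN server.
VPN_PORTS = {("tcp", 1723): "PPTP", ("udp", 500): "IKE", ("udp", 4500): "IPsec NAT-T"}

def inbound_vpn(capture_csv, dst_ip):
    """Return {(proto, dport): {client_ip, ...}} for VPN packets addressed to dst_ip."""
    seen = {}
    for row in csv.DictReader(io.StringIO(capture_csv)):
        key = (row["proto"].lower(), int(row["dport"]))
        if row["dst"] == dst_ip and key in VPN_PORTS:
            seen.setdefault(key, set()).add(row["src"])
    return seen

def diagnose(wan_csv, lan_csv, public_ip, server_ip):
    """Compare the WAN and LAN captures and classify each VPN port."""
    wan = inbound_vpn(wan_csv, public_ip)   # before NAT: destination is the public IP
    lan = inbound_vpn(lan_csv, server_ip)   # after a port forward: destination is the server
    result = {}
    for key, name in VPN_PORTS.items():
        label = f"{name} {key[0]}/{key[1]}"
        if key not in wan:
            result[label] = "no client traffic seen on WAN"
        elif wan[key] - lan.get(key, set()):
            # Clients hit the firewall but their packets never reached the LAN side.
            result[label] = "reached WAN, not forwarded to server"
        else:
            result[label] = "forwarded to server"
    return result

# Constructed sample captures (documentation address ranges), not data from the thread.
WAN = """proto,src,sport,dst,dport
udp,198.51.100.7,500,203.0.113.10,500
udp,198.51.100.7,500,203.0.113.10,500
tcp,198.51.100.9,51514,203.0.113.10,1723
"""
LAN = """proto,src,sport,dst,dport
tcp,198.51.100.9,51514,192.168.1.20,1723
"""

if __name__ == "__main__":
    for port, verdict in diagnose(WAN, LAN, "203.0.113.10", "192.168.1.20").items():
        print(f"{port}: {verdict}")
```

Retransmitted requests on the WAN side with nothing matching on the LAN side fit the "host failed to respond" symptom described in the first post.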
