cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

mx64 client vpn issues

Highlighted
Comes here often

mx64 client vpn issues

Trying to setup a client VPN, end user devices are giving an error code 789 no matter what internet device I use.

16 REPLIES 16
Highlighted
A model citizen

Re: mx64 client vpn issues

To setup the client VPN on Windows 10:

 

  1. Click the Start button
  2. Click on Settings
  3. Click on Network and Internet
  4. Click on VPN
  5. Click on the Add VPN Connection
  6. Fill out the parameters on the Add VPN page
  7. Once the VPN is created, open the Control Panel and go to Network and Sharing center. 
  8. Click on Change Adapter settings
  9. Right click on the adapter with the same name you gave your VPN in step 6, and select Properties
  10. Click on the Security Tab
  11. Data Encryption should be set to Require Encryption
  12. Select Allow these protocols
  13. Check all three protocols, but leave Automatically us my login name unchecked.
  14. Click the OK button
  15. Try to connect to the VPN

 

Highlighted
Kind of a big deal
Kind of a big deal

Re: mx64 client vpn issues

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

Configuring the client VPN via the Windows 10 GUI is fraught with danger.  Instead following this guide to create a short powershell script to configure it.  Then you'll be able to get it to work everytime.

 

https://www.ifm.net.nz/cookbooks/meraki-client-vpn.html 

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

a great many gnomes appear to be Apple fans

cisco-meraki-office-expansion-san-francisco-10-700x467[1].jpg

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Highlighted
Kind of a big deal

Re: mx64 client vpn issues

Are you using Meraki auth or AD/RADIUS

 

On Windows 10 try using powershell scripts to crate the connection.

 

https://github.com/gammacapricorni/happy-meraki-client-vpn

 

 

Try a simple passphrase.

Highlighted
Comes here often

Re: mx64 client vpn issues

Thanks for your reply. I created a vpn connection on two different machines using your configuration settings and the error still occurs.

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

What authentication method are you using?

 

Is there something upstream from the MX? ISP modem?

Highlighted
Comes here often

Re: mx64 client vpn issues

Thanks for your reply. To cover these steps I changed the shared key on the mx64 and implemented the change on both vpn clients.. no change.

 

Services are running.

 

To eliminate the firewall as being the culprit, I turned off the firewall on the ubee cable modem that the mx64 is connected to and on the two windows 10 clients I disabled the firewall. I am still getting the error.

 

I also created a new user on the mx64  and authorized it then tried it on the clients. No change.

Highlighted
Comes here often

Re: mx64 client vpn issues

I am using Meraki cloud for authentication. On the ISP modem the MX64 is connected to I created rule to allow udp ports 500 and 4500 to pass through and I also disabled the firewall on the ISP modem.

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

Also to double check you are not behind the MX trying to VPN?

 

Did Client VPN ever work?

 

Are you using the public IP in the VPN connection settings?

Highlighted
Comes here often

Re: mx64 client vpn issues

I am still getting the error in my event log.

 

I am at a different site (home) using a mifi hotspot currently.

 

I configured the clients to use the public ip found under appliance status.

Highlighted
Conversationalist

Re: mx64 client vpn issues

To add to the SoCalRacer's post, here's a template of a script I used to create Windows 10 VPN connections. It worked great. First, open a text editor of your choice. Then copy and paste the text below into it:

 

Add-VpnConnection -Name CONNECTIONNAME -ServerAddress VPNHOSTNAMEHERE -AuthenticationMethod Pap -force -L2tpPsk YOURVPNKEYHERE -PassThru -TunnelType L2tp

 

Change the variables CONNECTIONNAME, VPNHOSTNAMEHERE and YOURVPNKEYHERE to what they should be. Example: CONNECTIONNAME: VPN  VPNHOSTNAME: my.vpn.com and VPNKE: vpnpassword, the script would look like this:

 

Add-VpnConnection -Name VPN -ServerAddress my.vpn.com -AuthenticationMethod Pap -force -L2tpPsk vpnpassword -PassThru -TunnelType L2tp

 

After you've changed the variables, save the file as a name, with the file extension PS1 at the end. For example, vpn.ps1. Then right click on it, and choose "Run with powershell". NOTE: A lot of text editors will default .txt at the end of the filename. So you may have to rename AFTER you've saved it.

 

Highlighted
Comes here often

Re: mx64 client vpn issues

Thanks I will try the script solution later today. 

Highlighted
Comes here often

Re: mx64 client vpn issues

unfortunately that didn't work either, I still get hte same error i nthe event log.

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

I think we're back to "did this ever work?"

 

Also, is there a reason why you're using port forwarding on your ISP device vs. putting it into bridge mode? Or passthrough or whatever they call it: basically, getting the public IP on your firewall directly.

Highlighted
Kind of a big deal

Re: mx64 client vpn issues

Different VPN software on the client, like Sonicwall or something your previously used? Also AV or Endpoint security software could be causing the issue? virtual adapters could cause issues and should be removed.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.