Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can't connect MX with Site to Site VPN

Dipen
Getting noticed
‎Nov 12 2021 11:37 AM
‎Nov 12 2021 11:37 AM

Can't connect MX with Site to Site VPN

We are configuring MX and did create Site to site VPN tunnel between 2 MX's but some how under VPN status they are still RED and none of the traffic is being sent to each other. We can access machines through teamviewer that means they are connected with the internet but because of the VPN they can't access drives and profiles. 

 

We have 2.1 network which is where our servers are and we have 3.1 network our users are. (Both are at the Separate locations).

 

Does anyone know why VPN status is RED or what can we do to make it green?

Labels:
0 Kudos
Subscribe
6 Replies 6
cmr
Kind of a big deal
Kind of a big deal
‎Nov 12 2021 1:28 PM
‎Nov 12 2021 1:28 PM

@Dipen can you access the local status pages of each MX, is everything there okay?  Also can you please explain what a 2.1 and 3.1 are?  On the dashboard what does the VPN status page for each appliance say?

Subscribe
In response to cmr
Dipen
Getting noticed
‎Nov 12 2021 2:26 PM
‎Nov 12 2021 2:26 PM

@cmrYes i can access Local page the appliance is online. We have two MX device first one has set vlan to be as 192.168.2.1 and another MX device in different location set as 192.168.3.1.

 

Now i conifgured Site to Site VPN inorder to access things, but when on VPN status it shows disconnected on 192.168.3.1 MX. It seems to me like device can't connect with Cisco cloud.

 

However 192.168.2.1 can connect to cloud.

0 Kudos
Subscribe
In response to Dipen
cmr
Kind of a big deal
Kind of a big deal
‎Nov 12 2021 2:35 PM
‎Nov 12 2021 2:35 PM

Do the two MXs have different public IPs?  Does the local status page of the MX with a local IP address of 192.168.3.1 look okay, if it does then it is talking to the Meraki dashboard.

Subscribe
In response to cmr
Dipen
Getting noticed
‎Nov 12 2021 2:40 PM
‎Nov 12 2021 2:40 PM

@cmryes they have different public ip because they are at different location lets say for example one in NY and other in LA... Also appliance is online i can see white light on MX and on the dasboard as well it says online. Still can't access another location.

0 Kudos
Subscribe
In response to cmr
Dipen
Getting noticed
‎Nov 12 2021 5:33 PM
‎Nov 12 2021 5:33 PM

@cmr 

Dipen_3-1636767228458.png

 

0 Kudos
Subscribe
In response to Dipen
Ryan_Miles
Meraki Employee
Meraki Employee
‎Nov 12 2021 6:00 PM
‎Nov 12 2021 6:00 PM

To confirm on the static WAN IP's. They both show in the same subnet, but one has a /24 mask and the other a /29. Is that correct or is there a typo on the /24 one?

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.