Meraki Community

uqicperez · ‎Oct 26 2023

Hello, I am having problems adding a switch to the Meraki dashboard, in the Cloud Monitoring for Catalyst application it stays at the point: Checking TCP 443 connection, and then the time exceeds, any ideas on how to add the switch?

Brash · ‎Oct 26 2023

I'd first suggest checking the pre-requisites and making sure you've got the relevant ports enabled through the upstream firewall. You can use telnet to do some manual checks from the switch.

Cloud Monitoring for Catalyst Onboarding - Cisco Meraki

Other than that, you can click the link "logs" in the bottom right of the onboarding application, it should download a text file detailing every step performed and the exact step that it failed at.

uqicperez · ‎Oct 27 2023

Reviewing the logs, this is what appears to me:

[2023-10-27 12:51:12.028] [info] ----------------- CMD RESULT ------------------
[2023-10-27 12:51:12.028] [info] cmd: telnet us.tlsgw.meraki.com 443
[2023-10-27 12:51:12.029] [info] timeout: 65000
[2023-10-27 12:51:12.029] [info] res: telnet us.tlsgw.meraki.com 443
[2023-10-27 12:51:12.029] [info] -------------------------------------------------------

[2023-10-27 12:52:11.088] [info] Client :: connection error Keepalive timeout
[2023-10-27 12:52:11.090] [info] Client :: connection close
[2023-10-27 12:52:11.090] [info] Client :: closed
[2023-10-27 12:52:51.873] [info] ----------------- CMD TIMEOUT ------------------
[2023-10-27 12:52:51.873] [info] cmd: telnet us.tlsgw.meraki.com 443
[2023-10-27 12:52:51.874] [info] timeout: 65000
[2023-10-27 12:52:51.874] [info] res: telnet us.tlsgw.meraki.com 443
[2023-10-27 12:52:51.874] [info] expects: [{"expect":{},"haltOnMatch":false,"matchedPromise":{}},{"expect":{},"haltOnMatch":false,"matchedPromise":{}}]
[2023-10-27 12:52:51.875] [info] -------------------------------------------------------

[2023-10-27 12:52:51.877] [info] Pre-check error occurred. Sending error to the UI [sw-894d05f0-75df-4ed9-8790-1cd138342626] A timeout occurred while waiting to verify configuration settings. Please try again.
[2023-10-27 12:52:51.897] [info] CLIENT_EVENT :: Client received device pre-check error [sw-894d05f0-75df-4ed9-8790-1cd138342626] {"id":"sw-894d05f0-75df-4ed9-8790-1cd138342626","error":"Error: A timeout occurred while waiting to verify configuration settings. Please try again."}

I tested with an all to all policy and it still gives me the error, my firewall is a fortigate

PhilipDAth · ‎Oct 27 2023

Can your switch ping 8.8.8.8 (proving routing and general outbound connecting)?

Can you switch ping www.google.com (proving DNS)?

Are you using VRFs? If so, make sure you are doing the above tests from the correct VRF.

uqicperez · ‎Oct 27 2023

Hello,
I already checked and I can't ping from my switch to 8.8.8.8 and neither to goole.com

PhilipDAth · ‎Oct 27 2023

You need to fix your internal networking first. That sure that the switch has a default route pointing to your firewall, and that your firewall can see the traffic.

uqicperez · ‎Oct 30 2023

I have several vlans and they all have internet access, but curiously the vlan of my switch does not have internet access

PhilipDAth · ‎Oct 27 2023

Does the log on the Fortigate show the traffic, and that the traffic is being allowed?

PhilipDAth · ‎Oct 26 2023

The switch does not have https access to the Internet.