cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

WIfi traffic over VPN issue

Highlighted
Here to help

WIfi traffic over VPN issue

Hi All,

I'll try to present here a  scenario that is geting close to scale to Cisco Meraki development support..

Please check the attached image to get the big picture, even the setup is dead simple.

Two different clients ( OSX & Win) are connected by Wifi without any issues in three different offices. Both offices have the exact same SSID config on the dashboard. AP's , Switches & MX Firmware are up to date at the same version.Not a single ACL or access policies on Switches. All client traffic (wifi & wired) on VLAN 1 on Sites B & C .

 

Well, those clients are opening a VPN tunnel using OpenVPN on Win client and, Viscosity on OSX client.

The tunnel opens just fine BUT when it comes to open a URL though the VPN , the web page simply do not load or it takes minutes to load a small %. they can ping the server though.

Here comes the weird stuff: When i plug those clients by wire on the same network, everything runs smoothly, so that URL is fully working.

If that client goes to site A , it gets to the URL without any issue.

 

On site B, i created a new SSID with the same config as Media but different name and then it worked.

I did the same on site C and didn't worked.

Along with Meraki support we tried to recreate the SSID, change different option, wipe clients browser cache and forget Wifi network.

....did not managed to find the root cause any ideas or similar issues ?

 

Thanks in advanced

 

 

 

 

Screen Shot 2019-03-29 at 14.35.07.png

 

2 REPLIES 2
Highlighted
Kind of a big deal

Re: WIfi traffic over VPN issue

This is almost certainly an MTU squeeze.  I'm not familiar with OpenVPN, but find out how to lower the MTU on the client.  I would go for 1400 bytes.,

Highlighted
Here to help

Re: WIfi traffic over VPN issue

Hi,

Yes, solved !! 2 out of the three scenarios that were having this issue where solved lowering the MTU to 1456. On the 3rd scenario the issue was solved changing the client IP assignment from L3 Roaming to Bridge mode. I guess the tunnels that are open between AP's on L3 roaming doesn't work properly if a VPN is open through them, probably at the end the MTU is related too but lowering it didn't worked. 

Anyway problem solved.

Many thanks Philip !

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.