Can only reach a specific URL when connected via VPN – not from our wi-fi

Tintin
Getting noticed

Can only reach a specific URL when connected via VPN – not from our wi-fi

Hi everyone!

 

So I have this external URL that can be reached fine when connected to our VPN, but not when on the wifi in our office where I just get ”ERR_CONNECTION_TIMED_OUT”.

 

I don't see why accessing the URL only works when connected via VPN – there shouldn't be any difference when being on our wi-fi.

 

I wasn't involved in setting up the network and I'm new to Meraki, so not sure where to start looking for the cause of this.

 

Any ideas?

 

Thanks in advance!

 

Kind regards,

Tintin

4 Replies 4
ww
Kind of a big deal
Kind of a big deal

Are there any layer3 or layer7 fw rules or content filter on that ssid?

 

Your vpn client is using split or full tunnel?

 

Do you also run a meraki mx? If yes also check that for content filtering and layer 3/7 fw rules.

Tintin
Getting noticed

Thanks for your reply! 🙂

 

In Wireless > Access Control I don't see anything special and ”Content filtering” is disabled.

 

I think the VPN client is using full tunnel (not sure how to verify this but that's the default mode, isn't it?).

 

There is a MX100 here and looking at Security & SD-WAN > Configure > Content filtering I can't see anything suspicious (looks pretty empty).

PhilipDAth
Kind of a big deal
Kind of a big deal

Most likely, it's blocked when connected via WiFi, on purpose.

Tintin
Getting noticed

You mean it's a requirement for the server behind the URL?

At the same time, the whole idea of the VPN is to get the same kind of access as if one were connected to our wifi. But maybe... 🤔

 

I'll see if I can ask them (BMW).

 

I think I can share the URL, it's an Outlook mail server here: https://mail.bmwgroup.net

 

Thanks for trying to help. 🙂

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels