@NPBN wrote: My current theory is that the firewall rule to block access to local lan is also preventing them from connecting to their VPN-network, since they are often advertised as local lans. Do anyone else have similar experiences? That won't be the reason. The tunnel would be built to a public IP address outside your network. The addressing used inside the tunnel is not visible to Meraki. Are you using portal functionality on the guest network? If you are, any chance they're trying to build the tunnel before having gone through the splash procedure? Are there any firewalls on the path towards the internet? Edit: Also, what kind of VPN technology are they using? IPsec? SSL?
... View more