Community Record
6
Posts
2
Kudos
0
Solutions
Badges
Sep 29 2022
11:14 AM
Microsoft suggested they are dropping the basic skus for public ip addresses. VMX-s devices deploy a public ip address with a basic sku. How do we upgrade this to standard sku? The resource group that the ip is deployed to wont let you change it. It throws a permissions error. Is it supported to create a new public ip address in azure in a completely different resource group and bind that back to the VMXNIC interface in azure? I would suspect you could 1. set a static ip address and 2, it would deploy a proper standard sku. What happens to all the existing vmx appliances deployed in azure when they drop those basic skus? Has anyone upgraded from a basic sku ip address to a standard sku and if so, how? What is the officially supported way? An email from MS was released: Says we have until Sept 2025 but mostly want to get a jump on this to upgrade all instances before that time. I am deploying a new VMX right now and cant seem to change anything about the basic sku.....even disassoicating the ip and upgrading and and trying to re-associate it back to the vmx interface generates a permssions error about the VMX resource group.
... View more
May 31 2018
10:11 AM
which devices? I show most of my devices are 13.33 and considered current via the portal. The beta firmwares i show only go up to 14.xx. No 15 options at all for firmware versions.
... View more
Oct 30 2017
2:03 PM
Nope. Same here. Since 2014. Recent ASA Code 9.8.2 seems to have helped as well as running 12.26 on the MX side but they still go down once and a while. It used to be as much as multiple times of day to a couple times a week now. ...which is much much better than it has been.
... View more
Sep 15 2017
7:31 AM
Interesting. We do have a couple older asas running 9.5.2 and had locked up VPNs over the past few days. I checked "sh crypto ipsec sa inactive" and it came back with 0. I must have a different issue here. Good feedback though. I hadnt heard that one before.
... View more
Sep 13 2017
8:00 AM
yes. 9.8.2 at this time.
... View more
Sep 13 2017
7:31 AM
2 Kudos
WE have a situation where we manage site to site vpns between Meraki devices and Cisco ASA devices. WE can establish a site to site VPN fine but after a undetermined / random amount of time the tunnel will stop passing traffic and we have to force a rekey on the ASA side or force the vpn down and back up on the Meraki portal side but shutting VPN settings off and turning the back on. WE have been back and forth with support for both ends, set recommended ph1 and ph2 timeouts, disabled dpd and other misc settings but the issue remains. WE always attempt to be the on the latest firmware on both ends. I am out of ideas. The strange thing is that the tunnel in the portal shows the green "up" icon and on the asa side it will still show "active" but no traffic will pass until you reset/rekey to force the tunnel reset. Looking for recommendations, ideas or feedback.
... View more
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 2 | 72290 |
