Community Record
9
Posts
5
Kudos
1
Solution
Badges
Nov 8 2018
8:50 AM
3 Kudos
I have resolved this issue. Inside of Azure, I deployed the Meraki vMX100 to a VNET 10.140.1.0/24 with a SUBNET of the same (10.140.1.0/24) My client VPN on the Meraki Dashboard for the vMX100 is 10.140.2.0/24 With this config, I could ping my device from a server in azure, but I could not ping the server in azure from my device connected to the VPN Therefore, in Azure, under the same VNET i created , I added an additional Address Space (it give you the option under the VNET Address space to do this) of my client VPN 10.140.2.0/24 And straight away I could ping both way. Hooray! 🙂
... View more
Nov 5 2018
10:58 AM
@PhilipDAth- I currently have "allow everything" both way on the vMX once connected to the VPN - the vMX also cannot ping me on the Client VPN IP i get, from when I defined. 10.140.2.0/24
... View more
Nov 5 2018
10:56 AM
Its not like a nomral MX, its like a VPN concentrator more then a firewall, it doesnt have the ICMP service option. - But I beleive from reading posts around the net, you should be able to receive ping response. I also cannot ping past the vMX100 device to my Servers. However: 1 - I can ping from the vMX100 to the Servers in Azure Server Subnet (perring working) 2 - I can ping from the Servers in Azure Server Subnet back to the vMX100 (peering the other way working) 3 - I cannot ping from the vMX to my device when I am connected to the VPN (and vice versa ofcourse) When I am connected to the VPN - I don't get a default gateway (Hence why I guess you need to enable split tunnel on the vpn nic) ( 'Azure VPN Nic' and 'home wifi nic' below:) --- PPP adapter Azure-Meraki: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 10.140.2.185 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : home IPv4 Address. . . . . . . . . . . : 192.168.1.202 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 ---
... View more
Nov 5 2018
7:53 AM
Hello All! Thank you for taking the time to read this. I am having an issue with once connected to vMX in Azure using the Client VPN - I cannot get a ping response to the vMX100 in Azure First off - I have searched the entire breadth of the internet to try spot if I am missing something, but I just cannot find it - I also have a case open with Meraki which has been open for sometime without resolution. Therefore, I would be extremely grateful for any ideas / guidance. ------------------------------------------------------------------------------------------------ I have deployed a VMX100 into Azure using the CSP work around. - Shows online with Public IP in Meraki Dashboard. My vMX100 has its own dedicated VNET (Meraki-LAN) and Subnet dedicated to the vMX100 My Servers have their own VNET (Server-LAN) and Subnet (Peeing between the vMX VNET and my Server VNET With IP Forwarded Traffic on the Peering from meraki to Servers VNET) I have enabled Client VPN in the Meraki Dashboard. Azure VMX100: - VNET = 10.140.1.0/24 || Subnet = 10.140.1.0/24 (vMX gets IP of: 10.140.1.4) Meraki Dashboard Client VPN - 10.140.2.0/24 Servers: - VNET = 10.140.8.0/21 || Subnet = 10.140.8.0/24 ----------------------------------------------------------------------------------------------- Once the above was setup (Before I added any route table anywhere) I thought a good first test would be to Connect to the vMX100 using the Client VPN and Ping the vMX100's Local IP. I used Meraki Authentication, and connect to the VPN, it prompts me for username and password, and it then connects - I get a IP that I would expect. 10.140.2.86 - However, When I try to ping the Meraki (10.140.1.4) I do not get a response. I cannot work out why or how to resolve this. 😞 I also enabled Split Tunnelling (Just un-ticking a box in the IPV4 Advance settings on thje VPN NIC) (Windows 10) ------------------------------------------------------------------------------------------------ I guess after I have successfully got the device to ping with my local device I can then deploy a Route Table with the Client VPN route and the Servers Subnet in the table. Until then I am just trying to get the first part to work. Many thanks Adam
... View more
My Accepted Solutions
Subject | Views | Posted |
---|---|---|
9699 | Nov 8 2018 8:50 AM |
My Top Kudoed Posts
Subject | Kudos | Views |
---|---|---|
3 | 9699 |