Meraki

Community

About RB___

Re: Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN...

by in Security & SD-WAN
‎May 14 2021 11:56 AM
2 Kudos
‎May 14 2021 11:56 AM
2 Kudos
That was it!   So for anyone else stumbling on this post what I had to do was configure the Remote ID field the same as the Public IP field of the peer on the MX68. Once I did that and all the other settings were matching the tunnel came up instantly and I was able to pass traffic.  ... View more

Re: Firmware 15.42.1 problem in non meraki vpn peers (MX67)

by in Security & SD-WAN
‎May 13 2021 9:44 PM
‎May 13 2021 9:44 PM
Hey @endrianusgohan! I seem to be experiencing the same issue as you did, but haven't gotten mine to work. Could you provide me with the exact Remote ID config that you used on the MX? For example in my case the peer has public IP 207.16.X.X, and only a single LAN with the peer being 10.1.1.1 (10.1.1.0/24 being the remote subnet I am trying to reach). So in my case would I configure 10.1.1.1 as the Remote ID on the Meraki? Any clarity you can provide would be greatly appreciated!   ... View more

Re: Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN...

by in Security & SD-WAN
‎May 13 2021 9:42 PM
1 Kudo
‎May 13 2021 9:42 PM
1 Kudo
Oh this could be something! I am going to try this tomorrow and see if it works. Fingers crossed! Will updated when I can ... View more

Re: Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN...

by in Security & SD-WAN
‎May 13 2021 2:13 PM
‎May 13 2021 2:13 PM
Interesting point Bruce thanks! I am on the newest 15.42.1 firmware for the MX68. I currently do not have the Local or Remote ID configured for the  peer on the MX68 (Just obviously the public IP that the peer has).    I do not see anywhere on the Ubiquiti end where I can configure a Local or Remote ID but I will have another look. Their GUI is not friendly... and the user guide documents are not detailed enough.   Thanks! ... View more

Re: Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN...

by in Security & SD-WAN
‎May 13 2021 6:50 AM
‎May 13 2021 6:50 AM
Should be. I remember copy and pasting the PSK again on each end when I was trying to bring it up. I will be trying it again this coming Monday.   I will first be trying to do it with PFS disabled, since I have read that sometimes that causes problems. And I will be sure to take packet captures this time to see the packet info.   Thanks! ... View more

Re: Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN...

by in Security & SD-WAN
‎May 12 2021 7:39 AM
‎May 12 2021 7:39 AM
Hey Marc,   So I was replacing an existing EdgeRouter Lite with the MX68. the EdgeRouter Lite had the VPN tunnel established originally so shouldn't be an issue with FW rules or the ISP router blocking the IPsec ports.   Definitely have the correct subnet on the MX68 side and it is enabled (on) for S2S VPN as well. Public IPs are all good as well.   The one thing that may cause an issue is PFS. So originally I saw that PFS was off on Meraki, but appeared enabled on the EdgeRouter Lite. So I enabled PFS on the MX68 but that didn't seem successful. Should I try with disabling PFS on both devices instead?   When I check the event log on the Meraki it appears that Phase 1 is successful but Phase 2 is failing. These seem to be the errors I am getting:   THanks, ... View more

Meraki MX68 to Ubiquiti EdgeRouter Lite VPN not working (non-Meraki VPN tro...

by in Security & SD-WAN
‎May 11 2021 7:02 PM
‎May 11 2021 7:02 PM
Hi guys,   I am having a very difficult time to get a VPN tunnel up between my EdgeRouter Lite and my Meraki MX68 firewalls. No matter the settings I change I can't seem to be able to pass traffic over the VPN tunnel site to site. I am using IKEv1 on both devices. The shared secret is definitely correct on both ends.   These are the VPN settings I am using on the Meraki MX68:   Phase 1 Configs AES 128 SHA 1 DH Group 14 Lifetime (seconds) 28800   Phase 2 Configs AES 128 SHA 1 PFS Group Disable Lifetime (seconds) 3600 Remote Subnet: 10.1.1.0/24   And these are the VPN settings I am using on the EdgeRouter Lite. I was not able to change any other config options through the GUI (I am not skilled enough to configure it through the CLI) AES 128 SHA1 DH Group 14 Local Subnet: 10.1.1.0/24 Remote Subnet: 10.2.1.0/24   From what I know these configurations should work but I just can't seem to get traffic to go over the tunnel. I've tried changing the DH group, lifetime values, enable PFS on the Meraki end for Group 1 etc. Anyone have any insight or experience with and EdgeRoute Lite to Meraki VPN before?     Honestly any support will help at this point as I've spent all day on this. I tried getting Meraki support to assist as well and all they mentioned was that Phase 1 was establishing but not Phase 2.   Thank you, Ryan ... View more

Non-Meraki VPN network reachability

by in Security & SD-WAN
‎Jul 7 2020 1:12 PM
‎Jul 7 2020 1:12 PM
Hi Guys,   Currently my setup looks something like this: Edge-MX >>> AutoVPN <<< Main-MX >>> IPSEC <<< ASA   The MX at the main site has a VPN peer configured with the ASA and have networks exchanged between them. The Edge and Main sites MX devices uses Meraki AutoVPN for connection between some internal networks.   My question is: How do I configure my devices so that the Edge site can access the networks through the ASA VPN peer. Do I need to configure the edge-MX to peer with the ASA as well? Would I just need to setup a static route pointing to the ASA networks using the main-MX as the next-hop?   I feel like this should be quite simple but I'm scratching my head about it.     Thank you!     ... View more

Re: Update your avatar, win Meraki swag!

by in Community Announcements
‎Jun 25 2019 11:16 AM
2 Kudos
‎Jun 25 2019 11:16 AM
2 Kudos
I have a new avatar! ... View more

Re: This contest is ON POINT.

by in Community Announcements
‎Apr 24 2019 6:27 AM
3 Kudos
‎Apr 24 2019 6:27 AM
3 Kudos
Thank you Meraki this is awesome! ... View more

Re: This contest is ON POINT.

by in Community Announcements
‎Apr 2 2019 12:25 PM
7 Kudos
‎Apr 2 2019 12:25 PM
7 Kudos
This is an awesome community involved contest! ... View more

Re: Internet 1 Port not working after change - MX65

by in Security & SD-WAN
‎Mar 20 2019 8:26 AM
‎Mar 20 2019 8:26 AM
As others have mentioned, connecting to the local configuration page will provide you the ability to confirm whether or not that WAN 1 is statically configured.  Ensure that interface is configured for DHCP addressing and then reboot the device. ... View more

Re: Welcome! Please introduce yourself.

by in Community Tips & Tricks
‎Mar 20 2019 8:02 AM
5 Kudos
‎Mar 20 2019 8:02 AM
5 Kudos
Hello everyone, glad to be a part of this awesome community!   A bit about yourself & your work I am currently a 22 year old associate systems engineer at my company. I have been in my role for around 2 years all together, including internships. My focus is on R&S but as time/myself moves forward I will be getting into the security avenue of networking.   Your experience with Cisco Meraki Currently I have around 8 months of Meraki experience, which included me achieving my CMNO and CMNA. I have done a handful of deployments, one including a full stack for a multi-office 500+ client customer, and a deployment of over 250+ MX devices.   A fun fact about yourself I am a photographer for the provinces biggest modified car scene team (I am way to interested in the modified car scene) ... View more
© 2025 Cisco Systems, Inc.