@Bruce is correct.   The issue mostly affects providers using SIP/UDP.  If you change to using SIP/TLS or SIP/TCP which has inbuilt connection monitoring methods it should start working properly. ... View more

You can also get the new Meraki MG21 and that will give you the mobility to move the device anywhere (even outdoors) for better signal. 😃 ... View more

Thanks for the reply, Philip, much appreciated.   The ambition is to have no inside server presence, so StrongSwan probably not an option, but I'm toying with the idea of relocating our Juniper SRXs when they're no longer required in our DCs, they would offer similar functionality.   But VMX is my preferred approach, will have a read and see if I can get all the stakeholders on board, and hopefully get some endorsement from Meraki to scale up that far - thus far they've advised us to run multiple VMXs, but that sounds like a little too much engineering to me.   thanks again Andy       ... View more

Linked Support Docs: https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Configuring_1%3A1_NAT https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Firewall_Settings ... View more