Hey there,   Old thread, but did you ever get this resolved?  I am encountering the EXACT same issue where all connectivity seems fine but my SQL client app won't connect suddenly across the Meraki VPN client connection.  Worked fine for months before randomly quitting.  Windows firewalls disabled on client and server.  Let me know if you found a fix.  Thanks! ... View more

Great!  Thanks for replying and letting everyone know. ... View more

Yeah, it's totally ridiculous.  I just had one stop passing traffic this weekend.  When I looked at the ASA side (since you can't see s*** on the Meraki) there were two tunnels up and active - one with the ASA as the initiator and one with it as the responder.  Had to "cl isakmp sa" and everything started working again (but who knows for how long).  Meraki support is just terrible.  Every time I reach out to them I get a tech that can't really help at all.  Cisco TAC they are not.  They certainly act like they know what they are doing, but nothing ever really gets fixed.  They just don't have the knowledge and experience to support the product properly when something unusual goes wrong.   It is disappointing that this is even an issue.  I've done SonicWall-ASA tunnels, Watchguard-ASA tunnels, Fortinet-ASA tunnels - all work perfectly.  Meraki is owned by Cisco and they can't create a stable tunnel with the most industry-standard firewall imaginable.  Ridiculous.  So frustrated.  Maybe someone else can stay on support about this and give them a hard time.  I just don't have the time or heart any more. ... View more

Hi,   I still have not had any tunnel outages after performing the steps noted in my post above.  Still not totally convinced everything is fixed, but things are certainly WAY more stable than they were before.  I saw exactly what you saw - tunnel appears to be up on both sides but traffic stops passing.  Only way to fix was to clear the tunnel from the ASA side and allow it to rebuild.  This has not happened at all since disabling NAT-T on the Meraki (must be done by support) and adjusting the timeouts on both sides.  Also make sure to disable the data-based tunnel lifetime on the ASA, although this was never my problem. ... View more

Thanks everyone for the help.  I should also add that I opened a case with Meraki support and they disabled NAT traversal on the tunnel by changing some backend settings on the MX that we do not have access to.  That seems to have helped significantly - we have not had the tunnel go down in over a month at this point after making all the changes in this thread and having Meraki disable NAT-T.  We also adjusted the timeouts to 86400 for phase 1 and 28800 for phase 2.   I am still not convinced that the issue is resolved, but there is no question that things are much improved over where they were with the default settings.     ... View more

This same issue has been killing us for almost 2 years.  I have the exact same symptoms you describe on multiple ASA-MX VPN tunnels.  ASA-ASA tunnels, ASA-SonicWall tunnels and MX-MX tunnels are all fine.  Did you ever find a fix?   ... View more