The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About CashG
CashG

CashG

Getting noticed

Member since Jul 11, 2019

‎02-14-2022
Kudos from
User Count
UCcert
UCcert
2
cmr
Kind of a big deal cmr
2
Brash
Head in the Cloud Brash
2
BrechtSchamp
BrechtSchamp
1
nuo
nuo
2
View All
Kudos given to
User Count
UCcert
UCcert
1
WWWolf
WWWolf
1
kYutobi
kYutobi
1
ww
Kind of a big deal ww
1
timeshimanshu
timeshimanshu
1
View All

Community Record

46
Posts
10
Kudos
0
Solutions

Badges

First 5 Posts
First 10 Kudos
Lift-Off
Points Contest - Jul 2019 View All
Latest Contributions by CashG
  • Topics CashG has Participated In
  • Latest Contributions by CashG

Re: Hesitation over VPN

by CashG in Security / SD-WAN
‎02-14-2022 06:52 AM
2 Kudos
‎02-14-2022 06:52 AM
2 Kudos
Contacted Cisco support and they said the VPN Registry is loaded pretty heavy and they will change the registry.  ... View more

Re: Hesitation over VPN

by CashG in Security / SD-WAN
‎02-11-2022 07:37 AM
‎02-11-2022 07:37 AM
This is the site-to-site VPN and only this one location is having an issue. There are 10 other locations configured the same way to connect back to a Hub.  ... View more

Hesitation over VPN

by CashG in Security / SD-WAN
‎02-11-2022 07:20 AM
‎02-11-2022 07:20 AM
I have one location that is experiencing a lot of hesitation in the system. Meaning they enter in some information and they have to wait a minute or two to get information back, but this only happens on and off. It will work fine for a while then act slow then work fine again and so on. They have a fiber connection there and the ISP says everything checks out on their end. When I look at their MX64 they are barely using any bandwidth and nothing looks wrong except every so often the VPN Registry will say  Partially connected sometimes then go back to Connected. Any help in trying to determine the issue is appreciated.  ... View more

Re: No Client VPN for anyone

by CashG in Security / SD-WAN
‎02-08-2022 01:34 PM
4 Kudos
‎02-08-2022 01:34 PM
4 Kudos
Ok, that fixed one Client now I just have to make sure everyone else is up to date.  ... View more

Re: No Client VPN for anyone

by CashG in Security / SD-WAN
‎02-08-2022 12:34 PM
‎02-08-2022 12:34 PM
I just now noticed another post about a Windows update. I'll try that.  😁 ... View more

No Client VPN for anyone

by CashG in Security / SD-WAN
‎02-08-2022 12:31 PM
‎02-08-2022 12:31 PM
So our Client VPN has worked fine for a long time but now no one can connect. Nothing has changed so I don't understand what is going on.  Client side they get the The L2TP Connection Attempt Failed Because the Security Layer Encountered a Processing Error. I've checked and the IKE and AuthIP services is running.  I tried to do a packet capture but not sure what I'm looking for. I do see one for the Clients IP and I see the ISAKMP Phase 1 where it says Next payload: Security Association (1) but I don't see anything about a Key Exchange. ... View more

Re: Client VPN on Chrome OS

by CashG in Security / SD-WAN
‎04-09-2020 09:03 AM
‎04-09-2020 09:03 AM
@BrechtSchamp No there is only one. We were trying it out to see how it works. All the Windows Laptops work.    I've tested here on a hotspot connection to rule out something with the clients ISP. Also logged into the Chromebook with my profile and still doesn't work.  ... View more

Re: Client VPN on Chrome OS

by CashG in Security / SD-WAN
‎04-09-2020 07:57 AM
‎04-09-2020 07:57 AM
@rwiesmann Yes, most of that has to do with Windows. I'm having an issue with Chrome OS and I don't have much experience with Chrome OS. I can use all the same settings and credentials on a Windows 10 computer and works fine.    First day I was testing I set it up and worked fine and then it wanted to do a update. After the update it wouldn't work but I told it to forget the VPN and I recreated it and it worked again. As far as I know there hasn't been another update and I've tried redoing the VPN.  ... View more

Client VPN on Chrome OS

by CashG in Security / SD-WAN
‎04-09-2020 07:28 AM
‎04-09-2020 07:28 AM
Has anyone had experience using Client VPN and Chrome books? I set a Chrome book up the other day and everything was working fine. The client said she disconnected the VPN when she went to lunch but could never get it to reconnect after. I even tried forgetting the VPN connection and recreating it and still nothing. I can however go to a Win 10 laptop and use all the same settings and it works fine. I don't know what this means but in the logs I see "invalid DH group 19" and "invalid transform-id=20 in ESP". ... View more

Re: Port Forwarding not working

by CashG in Security / SD-WAN
‎10-23-2019 06:33 AM
1 Kudo
‎10-23-2019 06:33 AM
1 Kudo
Ok so I looked at the Zosi Smart app and its similar to how our Amcrest cameras are. When you go to Add Device on the app and then select IP Camera you then select Camera C199 (thats your camera model). It wants to scan a QR code. From what I can tell its on the bottom of the Camera. Our Amcrest ones you can look under the Network settings and find the QR but I don't know if your camera has something like that.  As long as the camera can connect to the Internet and register itself with the Zosi cloud services you should be able to view it anywhere without setting up port forwarding. The camera probably registers itself using its Serial Number and then your app needs the QR code that contains the camera Serial Number to connect to it.    When you are looking at the settings are you using the app on your phone? Have you tried going to a PC on the same LAN and typing in the IP in a browser?   If that doesn't work you may need to use a different IP camera viewing app that allows you to view a camera by IP. Then I would try doing a 1:Many NAT Your Public IP - TCP - (Pick a public port) 1234 - LAN IP 192.168.128.73 - Local Port 37777 (37777 is a typical TCP camera video streaming port) - Allowed IPs Any Your Public IP - UDP - (Pick a public port) 1235 - LAN IP 192.168.128.73 - Local Port 37778 (37778 is a typical UDP camera data streaming port) - Allowed IPs Any ... View more

Re: Client VPN Windows 10

by CashG in Security / SD-WAN
‎10-22-2019 01:32 PM
‎10-22-2019 01:32 PM
Check to see if both the IKE and IPec services are running? I had one where the IKE service was not running.  ... View more

Re: Port Forwarding not working

by CashG in Security / SD-WAN
‎10-22-2019 01:22 PM
‎10-22-2019 01:22 PM
Is the camera connected to a DVR? From what I can find it talks about the DVR being connected to a Cloud service. We have Amcrest cameras that as long as they are connected to their cloud service we don't have to do any port forwarding. ... View more

MX load balancing

by CashG in Security / SD-WAN
‎08-29-2019 08:27 AM
‎08-29-2019 08:27 AM
Right now I have 2 MX84's at one location. The main one is connected to a fiber connection and the second is a warm spare connected to a cable connection. Each one is plugged into WAN1 of the MX. I'm guessing load balancing won't work like this? Do I need to connect the cable connection into WAN2 of the main MX also? ... View more

Re: MX in Passthrough

by CashG in Security / SD-WAN
‎08-08-2019 03:19 PM
‎08-08-2019 03:19 PM
No, there are 10 branch locations. Is there any documentation on what needs to be add? I couldn't seem to find any. ... View more

MX in Passthrough

by CashG in Security / SD-WAN
‎08-08-2019 02:41 PM
‎08-08-2019 02:41 PM
I have a MX 84 in Passthrough mode. I'm using a FortiGate 60E to do all the routing for the LAN. So it goes Internet  -> FortiGate -> MX 84 -> LAN. I have the MX with static IP on the same subnet as the LAN and going from the WAN Port of the MX to the FortiGate and then I'm plugged into a LAN port of the MX. The internet works, the Meraki dashboard says it has a VPN connection but I can't make any connections to the branch locations. There is nothing complicated at the branch locations, they are connected directly to a MX in routed mode. Is there anything special I need to do with the FortiGate to allow the VPN traffic?  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-24-2019 04:28 PM
‎07-24-2019 04:28 PM
@BrandonS " Or- hopefully the VIP is assigned tagged to a sub interface and in that case you would want the port connected to the server to be trunk with VLAN 8 tagged."   If I have it set with VLAN 8 tagged and VLAN 1 untagged you think 10.10.0.80 will still work? Or No VLAN 1 added at all? If so would the 10.10.0.80 still work? ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-24-2019 04:08 PM
1 Kudo
‎07-24-2019 04:08 PM
1 Kudo
@nuo Ok I understand now what is going on and why its not working. I did have a PC plugged into the switch with an IP of 10.10.8.40 - The port it was plugged into set to Access with the VLAN set to 8. It worked so that tells me VLANs are working as they should. I was able to get to it and was able to ping other devices on the network. So now its just the UNIX server that I don't know what to do with. I cant set the port to access because it needs to use both VLAN's and setting it to Trunk isn't working.  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-24-2019 11:03 AM
‎07-24-2019 11:03 AM
@BrandonS This is what the Admin of the server sent me   The VLAN research I did for AIX highly recommends having VLAN take place in the switches NOT on the RS/6000 NIC cards.   There is not a static gateway for the VIO 10.10.8.60.    Since it is a virtual IP created by combining the 4 NIC that have 10.10.0.2 as their gateway, it has no entry.   Change / Show a Virtual IP Address Interface   Type or select values in entry fields. Press Enter AFTER making all desired changes.                                                           [Entry Fields]   Network Interface Name                                                               vi0   INTERNET ADDRESS (dotted decimal)                                    [10.10.8.60]   Network MASK (hexadecimal or dotted decimal)         [255.255.255.0]   Current STATE                                                                               up                     +   Network Interface(s) using this VIPA           Interface Name(s)                                                                  [en0,en1,en2,en3]       +           ADD/REMOVE Interface(s)                                                  ADD                    +   IBM RS/6000 IP information: It has a 4-port NIC card.   NIC:                            EN0 Hostname:                 cashwell IP:                               10.10.0.60 Newtwork Mask:       255.255.255.0 G/W:                           10.10.0.2   NIC:                            EN1 Hostname:                 cashwell IP:                               10.10.5.60 Newtwork Mask:       255.255.255.0 G/W:                           10.10.0.2   NIC:                            EN2 Hostname:                 cashwell IP:                               10.10.3.60 Newtwork Mask:       255.255.255.0 G/W:                           10.10.0.2   NIC:                            EN3 Hostname:                 cashwell IP:                               10.10.7.60 Newtwork Mask:       255.255.255.0 G/W:                           10.10.0.2     # named virtual ips 10.10.8.60      vipa60 10.10.8.10      vipa10 10.10.8.11      vipa11 10.10.8.12      vipa12 10.10.8.13      vipa13 ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-24-2019 10:15 AM
‎07-24-2019 10:15 AM
@ww "but also some  servers can be capable of running on a trunk. so it  depends on your design and what you want to connect" I hope the server in question does. It has a 10.10.0.0 IP but has a VIP (Virtual IP) of 10.10.8.0 so I would need both VLANs on one port, right?   @BrandonS " Is it possible the Unix server has no default gateway assigned?  Or one different than you think it is?" EN0 on the server has a 10.10.0.60 with a Gateway of 10.10.0.2. However from what I understand the VIP is only an IP of 10.10.8.60. It being UNIX I'm not sure how it works. I am not the administrator of the UNIX server but I can access it and test things like ping, ftp, traceroute. Pings work fine from it cause it uses 10.10.0.60 but if I try to FTP to a printer, thats how the server sends print jobs, it wont work. I figured out that when I do a traceroute to a printer it uses the 10.10.8.60 IP.  I think my issue boils down to how do I tag the correct VLAN on one port since one port is using both VLANs.  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-24-2019 07:37 AM
‎07-24-2019 07:37 AM
@ww Someone said that the ports that connect the switch to the MX and from switch to switch should be set to Trunk then all the others should be set to Access. Does that sound right? ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-23-2019 01:40 PM
‎07-23-2019 01:40 PM
@ww I cant ping across from my PC on 10.10.0.0 to anything on 10.10.8.0 threw the switch.  I could ping when I have a PC on 10.10.0.0 connected directly to the MX with its port set to Native VLAN 1 and then a PC on 10.10.8.0 connected directly to the MX with its port set to Native VLAN 8.   I've added the VLANs to my Cisco Switches,  I've added the the VLANs to the ports that need access to both subnets on the switch, everything is set to Trunk. I'm not sure what else I'm missing.  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-23-2019 05:50 AM
‎07-23-2019 05:50 AM
@Nash @nuo @ww Is there something I did wrong? Something I need to do?  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-22-2019 03:16 PM
‎07-22-2019 03:16 PM
I can't get anything on 10.10.8.0 to work once I switch over to the MX ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-22-2019 06:45 AM
‎07-22-2019 06:45 AM
I'm going to be doing more testing later today. I only have a small window where I can switch the LAN over to the MX and test. I'm going to hook a PC to the same switch as everyone else on 10.10.8.0 and test. My issue is a Unix server that has a IP  of 10.10.0.60 but then also has a virtual IP of 10.10.8.60. The virtual IP has no static gateway set for the VIO.  ... View more

Re: VLANs what have I done wrong?

by CashG in Security / SD-WAN
‎07-19-2019 02:24 PM
1 Kudo
‎07-19-2019 02:24 PM
1 Kudo
@ww All I have set up are VLANs there are no static routes set. So I feel a little dumb, I didn't notice that when the PC connected it set it to a public network instead of private....so now I can ping both ways. I'll try connecting the PC into the switch next instead of directly connected to the MX. Something else do I need to set the ports on the switch to tagged? I just noticed they are set to untagged. ... View more
Kudos from
User Count
UCcert
UCcert
2
cmr
Kind of a big deal cmr
2
Brash
Head in the Cloud Brash
2
BrechtSchamp
BrechtSchamp
1
nuo
nuo
2
View All
Kudos given to
User Count
UCcert
UCcert
1
WWWolf
WWWolf
1
kYutobi
kYutobi
1
ww
Kind of a big deal ww
1
timeshimanshu
timeshimanshu
1
View All
My Top Kudoed Posts
Subject Kudos Views

Re: No Client VPN for anyone

Security / SD-WAN
4 486

Re: Hesitation over VPN

Security / SD-WAN
2 514

Re: Port Forwarding not working

Security / SD-WAN
1 5525

Re: VLANs what have I done wrong?

Security / SD-WAN
1 9501

Re: VLANs what have I done wrong?

Security / SD-WAN
1 9721
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki