The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About mumbles202
mumbles202

mumbles202

Comes here often

Member since Apr 6, 2020

‎10-27-2020

Community Record

9
Posts
0
Kudos
0
Solutions

Badges

CMNA
First 5 Posts
Points Contest - Apr 2020 View All
Latest Contributions by mumbles202
  • Topics mumbles202 has Participated In
  • Latest Contributions by mumbles202

Access MX Local Interface

by mumbles202 in Security / SD-WAN
‎10-27-2020 07:24 AM
‎10-27-2020 07:24 AM
How would 1 access the local interface of the MX when sitting behind the MX?  So if the MX ip is 192.168.100.1 and the client has an ip of 192.168.100.10 should be able to browse to 192.168.100.1 or do I need to enable anything in the dashboard?  Right now the Local device status page is enabled but neither http://192.168.100.1 or https://192.168.100.1 connect to the interface.  Do I need to also enable the remote device status page? ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎05-01-2020 02:55 PM
‎05-01-2020 02:55 PM
So switched this to Radius instead of LDAP and getting the same.  Domain Admins get right in; remove the user from that group and it fails w/ an incorrect password.   ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-15-2020 08:32 AM
‎04-15-2020 08:32 AM
Modified the setup and found the same thing.  Domain Admins connect w/o a problem but standard users fail.  Looking into if a GPO might be causing the issue. ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-07-2020 04:08 PM
‎04-07-2020 04:08 PM
Thanks for the links.  Users are entering username as jdoe and then the password.  Fails normally, but if I add jdoe to the Domain Admins group (w/o making any other changes) that account is able to login w/o any issues.   ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-07-2020 01:43 PM
‎04-07-2020 01:43 PM
I get a 691 error in Windows. ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-07-2020 06:00 AM
‎04-07-2020 06:00 AM
Where is the search DN defined for VPN setup?  I know on an ASA that's available and critical but I didn't see that field anywhere on the Meraki dashboard.  The account i'm testing w/ is in a different OU than the domain admins but I've confirmed moving it to the same OU has no impact.  And leaving it in the original OU but making it an admin does allow it to connect. ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-06-2020 02:29 PM
‎04-06-2020 02:29 PM
Thanks for the idea.  Hadn't thought about installing another role on the DC, but that might be the easier route for sure.  I'll see about getting that role installed and creating a policy and then re-pointing the MX.   ... View more

Re: Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-06-2020 12:46 PM
‎04-06-2020 12:46 PM
I don't believe so.  I added the permission to the test account I've been using but that still failed. ... View more

Non Domain Admin Users Unable to Sign into VPN using LDAP

by mumbles202 in Security / SD-WAN
‎04-06-2020 11:45 AM
‎04-06-2020 11:45 AM
Remote access vpn works fine using Meraki credentials.  When we moved over to using AD we noticed that only domain admins are able to sign in.  The single DC is also a CA and has a certificate installed which is still valid.  If i take jdoe and attempt to sign in I get:   The remote connection was denied because the user naem and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.   as soon as I add jdoe to domain admins however he is able to connect w/ no issues.  I'm trying to determine what would be the cause of this as the error points to a certificate issue but it works when the same user is an admin.  Has anyone seen anything similar?  Packet captures on a failed connection indicate a response is coming from the DC to reject the login.     ... View more
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki