First I would use a script to configure the client VPN on users machines. Then you know they are setup identically. I can recommend my client VPN wizard. https://www.ifm.net.nz/cookbooks/meraki-client-vpn.html If you are having specific users having the problem repeatedly - check their ISP router firmware. I have seen lots of problems with UDP NAT bugs breaking client VPN. Some ISP routers do dumb things like faxed a fixed period for UDP NAT translations, which simply causes the VPN to stop working a specific amount of time after connecting. Others maintain a table of a specific size dropping older entries as new ones are required. So yeah, start by checking that. Try an isolate the problem down further. Is the user able to try a different Internet access (4G, someone else's house, cafe, etc). Does the problem follow the user or does it only happen at their home? Assuming the above doesn't narrow the issue down further, would you be able to buy a single Z3 and get the user to try that? https://meraki.cisco.com/product/security-sd-wan/teleworker/z3/ That will help work out if it is the ISP (you now have the Z3 monitoring to look at) or the user machine. And of course, not to miss the obvious, there are user errors ...
... View more
