The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About AndrewR
AndrewR

AndrewR

Conversationalist

Member since Jan 24, 2018

‎02-20-2018
Kudos from
User Count
Dener
Dener
1
CharlesIsWorkin
CharlesIsWorkin
1
Netwow
Netwow
1
Pappaslim
Pappaslim
1
jbright
jbright
1
View All
Kudos given to
User Count
BlakeRichardson
Kind of a big deal BlakeRichardson
1
Mr_IT_Guy
Mr_IT_Guy
1
View All

Community Record

3
Posts
7
Kudos
2
Solutions

Badges

1st Birthday
First Solution
Lift-Off View All
Latest Contributions by AndrewR
  • Topics AndrewR has Participated In
  • Latest Contributions by AndrewR

Re: MX64 - Client VPN - NSLOOKUP - Shared Netwok Drive

by AndrewR in Security / SD-WAN
‎01-24-2018 11:47 AM
5 Kudos
‎01-24-2018 11:47 AM
5 Kudos
You'll want a rule that looks something close to, if not exactly like, this. The only part I am making an assumption on for you is the destination IP. I assumed your DNS server IP to be in the same subnet as all the file servers you are trying to access.     For troubleshooting, place this rule first at the top of your firewall rules list. Hit Save. Wait a minute or two for the config the update, and then test it out. You may need to reboot the vpn client, and/or disconnect/reconnect the vpn client for all settings to apply. Remember that this is an allow-all rule, which is ideal for troubleshooting, but you may want to make it more restrictive after you confirm what is causing the issue. ... View more

Re: MX84 limit client bandwidth to reduce VoIP problems

by AndrewR in Security / SD-WAN
‎01-24-2018 09:15 AM
2 Kudos
‎01-24-2018 09:15 AM
2 Kudos
Hi, I don't believe you can create what you are calling, a "bandwidth pool" on an aggregate basis. You can only set bandwidth limits on a per-client basis, not a per-group or per-pool basis.   The one exception to this that I am aware of is if you are running any Meraki wireless AP's, you can set a per-SSID bandwidth limit. I think that's kind of what you're wanting to achieve, but on the wired LAN. Here's a reference article, but still, not necessarily what you're asking for. Global Bandwidth Limit Considerations   Other measures you can take to improve performance: Do you have your VoIP traffic running on its own dedicated voice vlan? If not, I recommend doing so. This will give you some more granular controls, optimizations, and minimize broadcast traffic interference with your VoIP traffic. You could consider getting more prescriptive about what you are putting out over the fiber WAN vs. the coax WAN, and with Traffic Shaping, try to carve out lower priority traffic to the coax? There's A LOT you can do here. I recommend doing some data analysis first based on what historical data your MX84 captures, to help inform effective Traffic Shaping rules. 30 days of data is probably a good starting point. Lastly, if you leave your clients set to unlimited bandwidth, I don't think it matters what you do with anything else, you will always risk maxing out your 50/50 connection. I highly recommend a sensible per-client limit, but then layering in some basic traffic shaping that places more restrictive bandwidth limits on select, lower-priority services, and/or make exceptions to the per-client limit for high-priority services and/or clients (see Group Policies).   To give you some context of where I am coming from, we have two WAN's of similar size to yours, but with an average of 300+ clients connected.  ... View more

Re: MX64 - Client VPN - NSLOOKUP - Shared Netwok Drive

by AndrewR in Security / SD-WAN
‎01-24-2018 08:38 AM
‎01-24-2018 08:38 AM
My initial reaction is that the issue is at the firewall (Security Appliance --> Firewall), and the Client VPN subnet is not being granted access to server O and the URL you spoke of. I would double-check firewall rules first, making sure the proper exceptions are in place. When I first launched our client VPN I could not connect to anything on the LAN because it was all being blocked by the firewall. I had to then go insert some Allow exceptions.   For troubleshooting and to quickly prove/disprove this theory, you could put an Allow-All from VPN to LAN rule in to see if that clears your errors immediately, and if so, can then go back and adjust your rules to be more prescriptive.    I'll be curious to hear if that changes anything for you. ... View more
Kudos from
User Count
Dener
Dener
1
CharlesIsWorkin
CharlesIsWorkin
1
Netwow
Netwow
1
Pappaslim
Pappaslim
1
jbright
jbright
1
View All
Kudos given to
User Count
BlakeRichardson
Kind of a big deal BlakeRichardson
1
Mr_IT_Guy
Mr_IT_Guy
1
View All
My Accepted Solutions
Subject Views Posted

Re: MX64 - Client VPN - NSLOOKUP - Shared Netwok Drive

Security / SD-WAN
5679 ‎01-24-2018 11:47 AM

Re: MX84 limit client bandwidth to reduce VoIP problems

Security / SD-WAN
2433 ‎01-24-2018 09:15 AM
View All
My Top Kudoed Posts
Subject Kudos Views

Re: MX64 - Client VPN - NSLOOKUP - Shared Netwok Drive

Security / SD-WAN
5 5679

Re: MX84 limit client bandwidth to reduce VoIP problems

Security / SD-WAN
2 2433
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki