Community Record
9
Posts
0
Kudos
1
Solution
Badges
Apr 10 2024
12:37 PM
This has actually turned into a Cisco Switch problem but it turned out the Verizon Cellular router thing absolutely hates static IP's and would not work with the firewall until I changed the uplink to auto-negotiate those settings, that cleared the error. It works now but now my new problem is that I can't raise my cisco switch even though I can pick up that cellular internet through it for some reason. I still don't have office network access without the VPN but for now restoring internet is the priority. But that's probably a switch issue which means Cisco, not Meraki.
... View more
Apr 9 2024
4:03 PM
Verizon router in question is a NCM1100E. We're in the process of moving the set up from one location to another so we were hoping this cellular router would let us avoid too many unnecessary changes but as soon as I hooked it up the Meraki firewall starts throwing an 'Bad IP assignment configuration' error. There's nothing actually connected to the Firewall beside the Verizon cellular plugged into the 'internet' port. What is it talking about? I already changed the WAN 1 configuration to reflect the IP4 settings on the cellular router.
... View more
Mar 8 2022
1:02 PM
That ended up being the solution. I'm waiting for an end user to confirm it works for them but my own testing demonstrated that it worked. I thought that setting was granting VPN users access to those given subnets so for security reasons I didn't want people with VPN access to be able to meddle with the VPN VLAN.
... View more
Mar 8 2022
12:48 PM
The hub is set to 'routed' mode, not 'passthrough or VPN concentrator.' The spoke is also set to 'routed.' Does the spoke's VPN config page matter? Because every VLAN we're trying to access has VPN turned on. Again, we're running our VPN out of our hub, not the spoke. The VLAN for VPN connections is on the hub. As for the hub's VPN config page, VPN is enabled for all VLAN's that we need access to, but the specific VLAN set aside for the client VPN has it disabled? I'm guessing that specifically refers to VPN access to objects located on that specific VLAN? @Ryan_Miles wrote: Could be the spoke is using split tunnel and traffic back to the VNP client via the hub isn't being advertised so it's going directly out the spoke's internet link? I have no idea. I know that the spoke's router connects to it's switch from one port, and then has a single internet connection, but for whatever reason it's not plugged into the designated 'internet' port.
... View more
Mar 8 2022
11:04 AM
VPN is allowed on both networks, Site-to-site VPN is active, every VLAN that would have network devices we are trying to connect to is allowing it, client VPN's are active on both networks, and I allowed the relevant user accounts in client VPN to connect to either network. All of this works normally, as intended when you're on the hub or spoke's network directly, and you can access anything you're allowed to access on either network. The problem only comes up when someone connects to the network remotely via VPN and then tried to connect or access something on the other network. Specifically I am trying to connect to the hub's network via VPN from home, and then access a device on the spoke's network.
... View more
Mar 8 2022
10:36 AM
Hello, I'm experiencing an issue that I've been able to replicate on standard user accounts and admin accounts, on multiple devices. I have two separate networks (meaning it's a two hour car ride from one to the other) both running Meraki MX64 routers that talk to each other, one's the hub, the other a spoke. As long as I am physically at either office I can access everything on the network fine, including RDP'ing (windows 10 computers, virtual machines running anything from Server 2010 to 2019) to virtual machines, accessing a file server, and a few physical devices like two security camera boxes. The problem I'm running into is when I connect to the office via VPN (Meraki's VPN service), which we run from our hub router, we can't RDP or access anything running out of our spoke's router. I get the same "make sure you typed in the address correctly" error as though I'd entered a bad address. I am out of ideas on what to even try at this point, and whatever my problem is the language is so vague that google searches find everything except my specific problem. It's not a permissions issue because even top level admin accounts can't access it, VPN is allowed on both networks, this works normally when I do it from the hub's network when I'm in the office, the only difference is that I'm connecting to the office via a VPN remotely instead of the office's network directly.
... View more
Labels:
- Labels:
-
Client VPN
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 1351 | Apr 10 2024 12:37 PM |
