Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

About SamW

Re: Help troubleshooting site VPN with Oracle Cloud - tunnel established bu...

by in Security & SD-WAN
‎Oct 2 2022 10:55 AM
‎Oct 2 2022 10:55 AM
I think I finally found out which Phase 2 parameter doesn't match, causing the Meraki MX to keep sending NO_PROPOSAL_CHOSEN back to Oracle.  Oracle Support told me this:   If using GCM, no authentication algorithm is required because authentication is included with GCM encryption. However, Meraki does not have AES-256-GCM for phase 2 encryption, so an authentication algorithm is required. The following options are supported:   - HMAC-SHA-256-128 (recommended) - HMAC-SHA1-128   But the cryptographic technique HMAC is absent for Meraki as well.The messages like   set ikev1 error <14> received and ignored notification payload: NO_PROPOSAL_CHOSEN   will come up whenever the Phase 2 is reached.   I must find a solution and cannot just replace our newly purchased MX250.  Oracle has a list of "Verified CPE Devices" which include Fortinet, and we have a spare Fortigate 60F.   Any concerns with putting the 60F behind the MX250 and trying to establish the VPN connection between Oracle and the 60F? ... View more

Help troubleshooting site VPN with Oracle Cloud - tunnel established but wi...

by in Security & SD-WAN
‎Sep 23 2022 7:53 AM
‎Sep 23 2022 7:53 AM
We have a site VPN set up on our Meraki MX250 with a software vendor using Oracle Cloud.  The VPN connects fine as far as we can tell.  The application running through the tunnel works too, but with intermittent hiccups.  In the MX250 event log, I do not see any errors (that I can tell).  On the Oracle side, they do see errors and believe the errors are causing the hiccups (dropped packets).   Below is an excerpt from the Oracle error log.  I see ikev1 error <14>, which I believe indicates a Phase 2 mismatch?  But if there is a mismatch, how does the tunnel come up in the first place?  And could this cause data to be intermittently dropped?  Am I going down the wrong path thinking it is a Phase 2 issue?   I have more details from the Oracle error log if needed.  Thanks in advance for your help!   ... View more

Re: Non Meraki site to Site VPN with Oracle Cloud

by in Security & SD-WAN
‎May 16 2022 2:50 PM
‎May 16 2022 2:50 PM
Hi, reviving this thread as I need to set up a site-to-site VPN from my Meraki MX250 with a business partner using Oracle Cloud.  I'm looking for assistance with the Meraki IPSec settings to make this work?  Oracle lists them below, but I'm thinking someone has some real-world experience or advice?  Thanks in advance!   https://docs.oracle.com/en-us/iaas/Content/Network/Reference/supportedIPsecparams.htm#Supported_IPSec_Parameters ... View more
© 2024 Cisco Systems, Inc.