Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About mpat
mpat
Here to help
Member since Aug 31, 2022
Community Record
12
Posts
0
Kudos
0
Solutions
Badges
Feb 8 2023
7:29 AM
I have a quick question, on which interface is the 250Mbps system-restriction applied ? Just uplink or also on all four LAN ports too ?
... View more
Oct 19 2022
7:03 AM
yup. A L3 switch.
... View more
Oct 19 2022
6:32 AM
Gents, Your help much appreciated. There was a missing default route on the switch for traffic to be sent back ! simple things in life are often ignored. My bad. Matter closed.
... View more
Oct 18 2022
5:23 AM
No group policy. its fresh off the box.
... View more
Oct 18 2022
5:23 AM
no group policy.
... View more
Oct 18 2022
5:17 AM
yes. the default GW is configured as Meraki's IP on that LAN access port. actually the IP of the switch is up/up. and when I log onto the switch locally, it CAN ping Firewall's IP. but it cannot ping the VPN client (currently connected). and the pings from client to switch do not work either.
... View more
Oct 18 2022
5:06 AM
My bad. I should have said - its a switch, not a server. directly connected switch.
... View more
Oct 18 2022
5:01 AM
actually its a switch. no FW on there. Are the clients allowed to communicate with connected end devices ? I don't have any L3/L7 FW rules or forwarding rules configured. yet.
... View more
Oct 18 2022
4:53 AM
apologies. well spotted ! It was a typo. the server is connected to a LAN port.
... View more
Oct 18 2022
4:44 AM
setup : - MX64 in Routed mode. - Anyconnect installs route to a specific mgmt vlan. - server is connected to WAN LAN port, which is configured as Access port on Meraki side. issue: When I am successfully connected to the MX, via Anyconnect, I am trying to ping + ssh to the server. But it times out. Is there something basic missing here ? I am under the impression that once MX installs the route onto client machine, all comms should be opened up - it being a trustworthy inbound connection.
... View more
Aug 31 2022
5:02 AM
Great. Thanks for a quick response. One more clarification : both traffics mentioned in my original post, are going to be isolated, right ? i.e. I don't want the traffic originating from the local LANs, and destined for The Internet (e.g. AWS), to enter my Anyconnect tunnel. Regarding Anyconnect license : If I have read it well, my macbook Anyconnect's existing license should allow me to initiate a connection to remote MX64. and the remote MX64 doesn't really ask (or enforce) Anyconnect license - just an 'accept the T&Cs warning' right ? Thanks for the end-of-sale warning. good point. I will look into the End-of-support dates of MX64 and also MX67.
... View more
Aug 31 2022
4:41 AM
I am thinking of buying (and installing) a MX64 at a simple and small customer location, that I am expected to support remotely. But I need to understand if it can fulfill my two requirements below >>> 1 - I need to securely access two local vlans at remote customer's site i.e. Outside-in mgmt access. If it helps, I do have an existing Anyconnect client on my Macbook. 2- At the same time, both those internal customer VLANs need to 'see' the internet and hence NATing required.i.e. inside out NAT'ing Can MX64 do both things simultaneously ? I am confused between the passthrough/Concentrator mode v/s Routed mode and how they fit into my fulfilling my requirements.
... View more
© 2024 Cisco Systems, Inc.
