Meraki Community

sjlee

Dear

I checked meraki MX OS release note and I saw this message in Known Issues.

The Non-Meraki VPN service may fail to properly establish IKEv2 tunnels when the MX appliance is acting as the IKEv2 responder and many allowed subnets are configured.

In above context,,,

1) "many allowed subnets are configured" -> Is this mean there are many subnets in Private subnets??

2) "The Non-Meraki VPN service may fail to properly establish IKEv2 tunnels" -> Is this mean It may unstable Non-Meraki VPN tunnel connection and may occur repeatly many Non-Meraki VPN SA event log (down/up) ?

Is my understanding correct?
I appreciate anyone answer If know.

Thank you.

alemabrahao

Yes, it's correct.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

sjlee

Thank you for reply.

Because I'm just wondering.. For example, IKE version is 1 and there are many subnets in Private subnets. Even in this case, can it be included in the above?

Brash

1) "many allowed subnets are configured" -> Is this mean there are many subnets in Private subnets??

Yes, it is referring to the number of advertised private subnetes

2) "The Non-Meraki VPN service may fail to properly establish IKEv2 tunnels" -> Is this mean It may unstable Non-Meraki VPN tunnel connection and may occur repeatly many Non-Meraki VPN SA event log (down/up) ?

This I'm not sure.
If you believe you're hitting this issue, you may be better asking Merkai support as they can check internal bug notes and logs to confirm whether you're hitting this issue or not.

sjlee

Thank you for reply.

Meraki Community

MX 18.210 OS notes

MX 18.210 OS notes