Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX450 device not pinging

Solved
SobyKuruvilla
Getting noticed
‎Jun 30 2020 3:01 AM
‎Jun 30 2020 3:01 AM

MX450 device not pinging

Hi All,

 

I am installing a new MX450 device. The Internet Port 1 is configured with Static IP using "Local status page" and connected to Switch and port is up. But I am unable to ping this static IP even from this directly connected Switch . I can see the mac table and ARP table is learning the mac address in the correct switchport and IP address .. But unable to ping the Static IP configured for the device.

 

MX internet port is configured without any VLAN tagging and switch port connected is an access port in the correct vlan of the static IP configured. 

 

Whether inbound ICMP is denied by default for the Internet Ports of the MX device ? 

 

Note the device is yet to be registered to the Meraki dashboard.

 

Thanks 

0 Kudos
1 Accepted Solution
In response to BrechtSchamp
SobyKuruvilla
Getting noticed
‎Jul 3 2020 3:16 AM
‎Jul 3 2020 3:16 AM

MX450 device is now pinging after registering to dashboard .. So, it seems that device is having default deny for inbound ICMP to WAN internet port. Once registered, the default config in dashboard with "allow any" for ICMP is pushed to the device. 

Cant find a documentation for the same in Meraki sites ..Please help if anyone finds it.

 

Thanks.

View solution in original post

8 Replies 8
rhbirkelund
Kind of a big deal
Kind of a big deal
‎Jun 30 2020 3:14 AM
‎Jun 30 2020 3:14 AM

Your MX450, might not be allowed to reply to ICMP pings.
Under Security & SD-WAN -> Firewall what does it say in the filed Security Appliance services?

 

rbnielsen_0-1593512048621.png

 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
In response to rhbirkelund
SobyKuruvilla
Getting noticed
‎Jun 30 2020 3:24 AM
‎Jun 30 2020 3:24 AM

Thanks..As mentioned, the new MX device not registered to the dashboard yet as there some fw ports to be opened in perimeter firewalls.. 

 

anyway,  in dashboard it is "any" for ICMP ping

0 Kudos
In response to SobyKuruvilla
rhbirkelund
Kind of a big deal
Kind of a big deal
‎Jun 30 2020 3:45 AM
‎Jun 30 2020 3:45 AM

Ah, sorry, I didn't see your note.

 

If it's the first time registering, it is probably doing first time update. Try and give it some time. It's it probably downloading firmware,upgrading, rebooting a couple of times.

 

What colors in the status LED is the MX showing on the front?

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
In response to rhbirkelund
SobyKuruvilla
Getting noticed
‎Jun 30 2020 4:41 AM
‎Jun 30 2020 4:41 AM

No problem .. As said, there are some perimeter firewall ports to be opened to get it registered to dashboard.

 

But, question is, before registering to dashboard , can the internet port pingable ? I am trying from local switch itself where the device is directly connected so there is no routing issue.

0 Kudos
In response to SobyKuruvilla
BrechtSchamp
Kind of a big deal
‎Jun 30 2020 4:55 AM
‎Jun 30 2020 4:55 AM

I'm not sure what the behavior is before the cloud connection is established, but I would assume it's the same as the default cloud settings, and those are to allow ping by default:

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Denying_Inbound_ICMP_on_the_MX

In response to BrechtSchamp
SobyKuruvilla
Getting noticed
‎Jul 3 2020 3:16 AM
‎Jul 3 2020 3:16 AM

MX450 device is now pinging after registering to dashboard .. So, it seems that device is having default deny for inbound ICMP to WAN internet port. Once registered, the default config in dashboard with "allow any" for ICMP is pushed to the device. 

Cant find a documentation for the same in Meraki sites ..Please help if anyone finds it.

 

Thanks.

In response to SobyKuruvilla
rhbirkelund
Kind of a big deal
Kind of a big deal
‎Jul 4 2020 1:00 AM
‎Jul 4 2020 1:00 AM

In retrospect, that kind of makes sense, actually. I probably wouldn't want an unprovisioned device responding openly to pings.
Great find, @SobyKuruvilla !
LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
0 Kudos
In response to rhbirkelund
SobyKuruvilla
Getting noticed
‎Jul 5 2020 5:20 AM
‎Jul 5 2020 5:20 AM

Thank you 🙂 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.