04-01-2022 01:13 PM - edited 04-01-2022 01:46 PM
Hi.
I work at a public library and I want people who use our access points be able to connect to their work VPN's just like they would if they were at a coffee shop or at home. But so far, nobody can. That includes library staff who connect to our city's VPN with Global Protect. Global Protect works fine for us at home and at most places except here at the library.
We have a Meraki system including MR42 access points, an MS255 switch and an MX64 security appliance. There are actually three of these systems, one for each of our buildings. I have a laptop which I whitelisted for troubleshooting with no luck. Global protect connects and doesn't report any errors, but we cannot access our network drives.
I've checked all the settings with help from the Meraki hotline and found nothing that should be blocking this. Any ideas would be appreciated.
Ben
-- Update: It seems to be something to do with the access points. I just wired my laptop in to the switch and was able to see my drive
04-01-2022 04:37 PM
I´d would suspect about the MX64 security appliance. When you say you used the laptop, you still goes through the MX64 security appliance? Or you take a different path?
Some security device needs to be prepared to accept ipsec through .
https://documentation.meraki.com/MX/Other_Topics/Using_VPN_through_an_MX_Security_Appliance
04-02-2022 03:32 AM
Hi Flavio,
Yes, when I plug my laptop into the switch it's: laptop - ms255 - mx64 - street. Otherwise, it's laptop ~ mr42 - ms255 - mx64 - street. I can get Global Protect to work by using a cable to bypass the mr42, but I cannot get Global Protect to work using wifi through the mr42
04-02-2022 07:01 AM
One more question.
When you say "Global protect connects and doesn't report any errors, but we cannot access our network drives. "
Wondering, then you are able to communicate with this Global Protection service? I mean, you stablish a remote connection with something on the internet?
I am just trying to figure out the problem cause first it seems when you are on the wifi network you are not able to stablish vpn connection but the sentence above seems to say that you are actually stablishing the connection but with limited access.
04-02-2022 07:20 AM - edited 04-02-2022 07:26 AM
I mean the Global Protect client doesn't report any errors, and everything seems normal until I try to access the city's network drives. When I do try, I get a Windows error about the drive not being found ("check your spelling and try again" or something like that)
-- adding this because I re-read my answer and think maybe I'm just repeating myself. I'll have to get back to the building to do more troubleshooting. I'll try get more info about the connection when I do. Right now, all I can say is we connect wirelessly just like anyone would, then we start the Global Protect client. If we do this outside the building (at home or a coffee shop etc..) we can access our networked drives. If we do this in the building, we cannot
04-05-2022 09:53 AM
The problem is fixed by changing NAT mode to Bridge mode in the wireless settings. At least it's fixed for our staff. I'll have to wait for a customer to try to use their own VPN to make sure it works for our customers. I'm not sure what the downside of changing the setting is
10-11-2024 08:48 AM - edited 10-11-2024 08:49 AM
I have exactly the same issue with Client -> MR44 -> MX75 -> Bell/Aliant network. I've created one SSID and set the Access control to Bridged.. Will report if this worked.. It is specifically a problem with clients inside our Meraki corporate network trying to connect to a an external Health Provider service elsewhere in our town using GlobalConnect VPN. Thanks for taking the time to document your fix! Same identical issue.. works wired, not wireless.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide