[TSHOOT] Troubleshoot Non-Meraki VPN Tunnels with Cisco Meraki MX Security Appliances

Today I ran into the issue with non meraki site to site VPN. I watched all your videos last week and was struggling fix the issue today before I ran in to this video of your posted 2 days back which helped identify and fix the VPN tunnel of our data center to client site. Thanks a lot and keep sharing the knowledge. Cheers!

MAN... I really like your videos man.
Thank you for the content.

Thank you, I learned more than just how to configure a VPN, thank for breaking down the packet captures, greatly appreciated.

thank you for your time, it was very usefull
greetings from Brazil! :-)

Excellent :)

Trying to VPN between MX64 and MX250 on different meraki sites. The only entry in the event log on the MX250 is: Non-Meraki VPN, Non-Meraki VPN negotiation,msg: FIPS mode disabled. Nothing on MX64. When they were both in the same site the automatic VPN worked fine.

why do you have such a detail event log on your dashboard? I only have established IKE-SA event on my dashboard

Hello, I’m currently encountering an issue with our non-Meraki site-to-site VPN setup. For several months, we’ve enjoyed a consistent and stable connection to our remote site. However, starting last Thursday, the connection dropped unexpectedly. Strangely, the VPN status appears green and connected, but I’m unable to reach the other end’s local subnet, and vice versa. Upon inspecting the logs, I noticed an established tunnel connection, but the packet tracer indicates dropouts or retransmissions. I couldn't see from the event logs the negotiation phases as well. Already sent a ticket to Meraki support and since then they're still troubleshooting the issue. Hope you can provide some clarity/ advice on this? Appreciate you videos/content that you put up online. Have a good day!

Hi, this is great video, and very helpful.
But I have an issue. I followed your video to create non Meraki peer, but it does not seem to start negotiating. No log is generated for "All Non Meraki / Client VPN". I have also pinged the destination, but still no luck. Is there anything else I need to do to start the IKE negotiation?

Question Sir, for the Phase 2 configuration is it better to be one encryption and 1 authentication. I am not really sure why in our organization, 4 encryptions are present (AES 256, AES192, AES128 and 3DES), and two on the authentication (SHA1 and MD5). and right now I am having trouble with the Non-meraki site to site vpn :D

I have a meraki making a vpn against an ASA. the tunnel is up but some services don't work (sap, proxy), the ping responds in both directions but for some reason they don't work. Has anyone had this problem?

Thanks man. That is very useful but I got this in my event log. Non-Meraki / Client VPN negotiation msg: no policy found: 10.10.60.0/24 (my local address) [0] 10.247.51.0/24 (my remote address) [0] proto=any dir=in. I don't know what happen

Hey nice video ! I'm sorry but where do you get all the materials to make your test, are some kind of millionaire ???

All I get is msg: FIPS mode disabled, lol