What Would STOP a Known GOOD Meraki Z3 From Connecting via VPN?

NetworkingStudentNetworkingStudent Member Posts: 1,407 ■■■■■■■■□□
Hello TE,
In my current role we support call center agents that connects via VPN through a Meraki z3. These call center agents work from home. The Thin Client and VIOP phone run off the Meraki z3.

I need a better understanding of the Meraki’s specially the z 3’s

The Meraki’s work fine for months..days.., and then bam it stops working. Internet in the rest of the home works, but the VPN connection stops working.

The basic troubleshooting steps don’t always fix the problem:
Re-seat cables, swap LAN cables around, and reboots.

I have asked our networking team what we can do, but they say once the Meraki stops connecting to the Cisco cloud, then there is nothing we can do. The end user needs to call the ISP.

Could the ISP be blocking VPN traffic …?

Our next step
Have the end user call their ISP. Sometimes they call the ISP 2 or 3 times and nothing gets fixed. Often times the ISP runs a speed test and says it looks good.

Questions:

I was wondering what could the ISP do as some troubleshooting steps to get the VPN connection working again?

Also, why would the secure traffic work fine for (months, day , weeks), and then all of sudden it stops working?

Why does the secure traffic need a constant connection, while the unsecured traffic does not? think you tube, google ect.
When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."

--Alexander Graham Bell,
American inventor

Comments

  • Neil86Neil86 Member Member Posts: 175 ■■■■□□□□□□
    Those are interesting devices. I'm not familiar with them but I'd like to be more familiar with Meraki.

    Are the client computers connected to the VoIP phones? Or do they have dedicated connections to the Z3? Maybe the phone can provide some logs if this is the case?

    Do you know if the Z3 has a GUI? I wonder if you could perform a remote session with the clients computer and be able to interact with the Z3 from there. I would assume it has logs that might be able to provide some info. Do you have the ability to remote into the client conputers? Maybe check the logs on the computer as well or log into the ISP's modem to check logs and configs there?

    Just some random guesses, as I am not familiar with them. But I'm interested in seeing what you come up with.
  • shochanshochan Member Posts: 962 ■■■■■■■□□□
    Perhaps if you have a backup config of your Meraki, if so, you could restore that config to the device & it should bring it back online. BUT if you don't have a backup of the config, reset it back to the defaults & reconfigure. Kinda sounds like a power surge might have reset the Meraki or corrupted the config thus why some of it works & some does, but it could be numerous of other things. Can you review the logs or do you have a log server setup for it? I doubt an ISP is going to block secure traffic unless their static IP is blacklisted somewhere. Just a few thoughts to ponder. I am not a Meraki guru either.
    2021 Goal ~ OSCP

    Urban Achiever~ A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+
    A.A.S - CIS
  • NetworkingStudentNetworkingStudent Member Posts: 1,407 ■■■■■■■■□□
    Neil86 wrote: »
    Those are interesting devices. I'm not familiar with them but I'd like to be more familiar with Meraki.

    Are the client computers connected to the VoIP phones? Or do they have dedicated connections to the Z3? Maybe the phone can provide some logs if this is the case?

    Do you know if the Z3 has a GUI? I wonder if you could perform a remote session with the clients computer and be able to interact with the Z3 from there. I would assume it has logs that might be able to provide some info. Do you have the ability to remote into the client computers? Maybe check the logs on the computer as well or log into the ISP's modem to check logs and configs there?

    Just some random guesses, as I am not familiar with them. But I'm interested in seeing what you come up with.

    Ahh the computers are thin clients. We can see some data from the Meraki dashboard. The phones and thin clients feed into the Meraki.

    So far we have gotten ot the point were if it isn't fixed, we just tell the end user to keep calling the ISP. If the Meraki isn't connecting, I have been told there isn't much we can do.

    We have been asking the ISP to see if they can reboot the modem. Sometimes the ISP will do maintenance in the morning , and that can block the VPN connection.
    When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."

    --Alexander Graham Bell,
    American inventor
  • SpetsRepairSpetsRepair Cisco/Fortinet/Meraki/Comptia Member Posts: 210 ■■■□□□□□□□
    Do you not have meraki support to reach out to?
    I'm familiar with the Z1/z3s but i cant really be of much help but maybe try meraki support
Sign In or Register to comment.