Recently I received a Cisco Meraki Z3 from my work to be used at home as a teleworker gateway. If you don’t know what a Meraki Z3 is, it’s a teleworker gateway that provides an enterprise-class firewall, VPN gateway and router all in one.
My coworkers who work with Cisco Meraki day in and day out love this equipment.
In this article, we are going to create a site to site VPN with the Meraki Z3 and Azure VPN gateway.
The following steps are completed in PowerShell and take roughly 45 minutes to complete due to the creation time required for the VPN gateway.
Create Resource Group
Create a new resource group in your Azure subscription.
Create vNet and Subnets
Create a virtual network with two subnets. The first subnet, called “default”, is where your endpoints in Azure will reside. You also need to create a second subnet called “GatewaySubnet”. It must have exactly this name, or else Azure won’t treat it as the gateway subnet.
Create local network gateway (on-premise)
Create the local network gateway, which describes your on-premises location. In the case of this example, my lab has three subnets I want to expose. The GatewayIpAddress parameter refers to the public IP address of your on-premises location.
Create Public IP address
Create the public IP address for your VPN gateway to be able to communicate back to your on-premises location.
Create the VPN Gateway Connectivity
Create the VPN gateway connectivity by assigning the subnet and public IP address.
Create the VPN gateway
We will combine all the previous steps to create a VPN gateway. Building a VPN gateway can take some time to complete; for me, it took on average 30 minutes.
Configure the connection
Create and configure the connection between Azure and your on-site router. I used the New-Guid cmdlet to randomly generate a passphrase and output the result so that I can use it in the next step when configuring pfSense.
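The Azure-side steps above as one script. This is an added example, not the author's original code: it assumes the Az PowerShell module and an already signed-in session, and every name, region and address range is a placeholder. It uses a policy-based gateway, which the troubleshooting notes at the end of this article found necessary.

```powershell
# Added example. All names, the region and the address ranges are placeholders.
$rg             = 'rg-meraki-vpn'      # hypothetical resource group name
$loc            = 'eastus'             # hypothetical region
$onPremPublicIp = '203.0.113.10'       # public IP in front of the Meraki Z3 (documentation range)
$onPremSubnets  = '192.168.10.0/24', '192.168.20.0/24', '192.168.30.0/24'  # constructed lab subnets
$vnetSpace      = '10.50.0.0/16'       # the whole space is what goes in Meraki's "Private subnet" field

# Resource group
New-AzResourceGroup -Name $rg -Location $loc | Out-Null

# Virtual network: "default" for workloads, "GatewaySubnet" (exact name) for the gateway
$subnets = @(
    New-AzVirtualNetworkSubnetConfig -Name 'default'       -AddressPrefix '10.50.0.0/24'
    New-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix '10.50.255.0/27'
)
$vnet = New-AzVirtualNetwork -Name 'vnet-lab' -ResourceGroupName $rg -Location $loc `
    -AddressPrefix $vnetSpace -Subnet $subnets

# Local network gateway: the on-premises public IP and the subnets behind it
$lng = New-AzLocalNetworkGateway -Name 'lng-home' -ResourceGroupName $rg -Location $loc `
    -GatewayIpAddress $onPremPublicIp -AddressPrefix $onPremSubnets

# Public IP for the gateway. Assumption: a Basic-SKU dynamic address is still allowed
# in your subscription; if it is not, use -Sku Standard -AllocationMethod Static.
$pip = New-AzPublicIpAddress -Name 'pip-vpngw' -ResourceGroupName $rg -Location $loc `
    -Sku Basic -AllocationMethod Dynamic

# Gateway IP configuration: bind GatewaySubnet to the public IP
$gwSubnet = Get-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet
$ipCfg = New-AzVirtualNetworkGatewayIpConfig -Name 'gwipconfig' `
    -SubnetId $gwSubnet.Id -PublicIpAddressId $pip.Id

# VPN gateway (the slow step). Policy-based gateways are only offered on the Basic gateway SKU.
$gw = New-AzVirtualNetworkGateway -Name 'vpngw-lab' -ResourceGroupName $rg -Location $loc `
    -IpConfigurations $ipCfg -GatewayType Vpn -VpnType PolicyBased -GatewaySku Basic

# Connection, using a random GUID as the pre-shared key
$psk = (New-Guid).Guid
New-AzVirtualNetworkGatewayConnection -Name 'cn-azure-to-meraki' -ResourceGroupName $rg `
    -Location $loc -VirtualNetworkGateway1 $gw -LocalNetworkGateway2 $lng `
    -ConnectionType IPsec -SharedKey $psk | Out-Null

# Values needed on the Meraki side. The key is a secret: do not leave it in logs or transcripts.
[pscustomobject]@{
    AzureGatewayPublicIp = (Get-AzPublicIpAddress -Name 'pip-vpngw' -ResourceGroupName $rg).IpAddress
    AzureAddressSpace    = $vnetSpace
    PresharedSecret      = $psk
}
```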
Configure site-to-site VPN
- Log in to your Meraki dashboard https://dashboard.meraki.com
- Go to Teleworker gateway and select site-to-site VPN
- On the site-to-site VPN page, under type select Hub (Mesh)
- Further down on the page, under VPN settings, select the appropriate local networks that will be available for the VPN connection.
- Continuing on the same page, under Organization-wide settings, Add a peer.
- The non-Meraki VPN peers section will appear. Add the required information:
  - Name: provide a name for the connection
  - Public IP: public IP of the Azure VPN gateway
  - Private subnet: Azure virtual network address space (do not enter individual subnets)
  - IPsec policies: click on default and change the preset to Azure
  - Preshared secret: enter the preshared key you used to create the Azure VPN gateway.
Verify connectivity
- Go to Teleworker gateway and select VPN status
- Go to Non-Meraki peer, ensure the status color is green.
- If the status is not green, go to the event log to troubleshoot.
I ran into a few issues during the setup, and here are some of the errors I made and how I corrected them.
- Azure VPN gateway was set to route-based. I had to delete the VPN gateway and recreate the gateway with the VPN type as Policy-based.
- When configuring the site-to-site VPN on the Meraki dashboard, ensure the private subnets equal the address space configuration for your Azure virtual network.