Monday, July 22, 2019

Google Cloud VPN to Meraki MX

Hi,

I am trying to set up a GCP VPN to ur internal Meraki MX network. I have created a Cloud VPN Gateway and assigned a static Public IP address to it.

I then created a IKEv1 tunnel in GCP to the Meraki MX. I have created the configuration on the Meraki side as well and used the following settings as per https://cloud.google.com/vpn/docs/concepts/supported-ike-ciphers

IKEv1

Phase 1 - AES128, SHA1, DH 2, Lifetime 36000

Phase 2 - AES128, SHA1, PFS 2, Lifetime 10800

The VPN tunnel turns to established on the GCP side, but the event logs on the Meraki show:

msg: failed to pre-process ph2 packet (side: 1, status: 1)

msg: failed to get sainfo.

The VPN tunnel on GCP then turns to First Handshake: Handshake with peer broken for unknown reason. Trying again soon.

I am a bit lost with this now, so wondered if anyone would have any guidance.

Has anyone managed to get Meraki talking to GCP VPN?



No comments:

Post a Comment