Blocked device still connecting

ebaierl
Comes here often

Blocked device still connecting

I've got a user who is clearly torrenting and I want to block them. I changed their device policy from Normal to Blocked, but did not add a message, and it seemed they were blocked. But I check again today and they have managed to use a lot of data in only a couple hours by connecting to nearly a hundred IP addresses. This time I blocked them again and sent them a message, but I can't tell if it worked or not. It said they were blocked before, but still managing to get through somehow. 

 

Is there something I missed or some other way to do this?

6 REPLIES 6
Bettencourt
Meraki Employee
Meraki Employee

@ebaierl 

 

If you're absolutely sure that you applied the block policy to the client, then it's probably best is to contact support.

 

Australia/Asia-Pacific +61 286078968
Europe +44 203 808 7003
North America +1 415-937-6671

 

Keep in mind that the block policy uses the MAC address, and some OSs, Windows 10 is one of these, already include a mac address generator, which can cause havoc for a network administrator.

Well, it says blocked on the client page, and yet they are still connecting to and using bandwidth. I know they should be able to connect to the SSID, but they shouldn't be able to connect to the outside internet. I also tried setting up a group policy of banned uers and just blocking all traffic, and they were still getting through somehow. 

 

I'll have to give support a call and see what I'm doing wrong.

ww
Kind of a big deal
Kind of a big deal

Additional  you can try shape  the torrent traffic to as low  as possible

DarrenOC
Kind of a big deal
Kind of a big deal

Where and how are you blocking the client?

 

Please correct me if I’m wrong but you can only block using an MX or MR.  If you don’t have the above the dashboard allows you to block or whitelist the client but it’s not enforced.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
ebaierl
Comes here often

I was going through the Clients link on the MR AP page. It wouldn't let me block them completely though, it said they were blocked, but they were still using bandwidth. I was able to reduce their bandwidth as much as possible (down to 20kbps), which I think annoyed them enough to stop doing it, but they were not blocked. 

 

They have left the campground, so the issue is gone now, but I want to be able to have the option to do it in the future.

 

We do have an MX and three MR. I was going through the MR page though, didn't even think to go through the MX page, but I'll try that next time we have an issue.

Michael_Venema
Here to help

Also it's not very hard to spoof a MAC address even for a non technical user. I would recommend blocking the traffic type if you don't want to allow torrents at all. 

Get notified when there are additional replies to this discussion.