Firewall rules for management acces to dashboard and api

Here to help

Firewall rules for management acces to dashboard and api



We need the ip addresses or address ranges that we can use to access the dashboard.  Both for API access and regular browser access.


We manage Meraki networks at several large and small organizations.


I can find the access rules for Meraki devices, but i need the access rules for management.

Kind of a big deal

@joopv : Using Network Objects may help you:


Cisco IT Blogs awarded in 2020 & 2021
Kind of a big deal

From the dashboard, in the top right, go Help/Firewall Info.  It will give you the firewall rules for that specific dashboard.


Note the required IP ranges can vary from customer dashboard to customer dashboard.

Thanks for the reply.  These firewall rules are meant for *Meraki devices* needing access to the Meraki dashboard.


I need the rules needed for management access (browser, API calls etc.) to the dashboard.


This is for a workstation needing access to *and only to* the meraki dashboard.


Kind of a big deal

For the API it would be:


Where <shard> is the shard your org is located on.

If you use MV, then there are going to be a bunch more for image retrieval (snapshot API).

If you use MQTT you are going to need to add in the MQTT servers that you use.


For the dashboard, that's a lot tougher.  There are the obvious ones:



That's assuming you use Meraki accounts.  If you log in using SecureX or SAML you'll need to add all those authentication URLs as well.


But then you also need all the URLs for all the components used.  If you go to Chrome developer tools (CTRL-SHIFT-I) and go to the "Sources" tab, and then load each page, you'll get the external domains also required.  For example:



Note that you won't be able to match on IP address, as a lot of these use load balancers with dynamic sets of IPs growing and expanding, so you have to match on FQDN.


If you use MV you are going to need to add in the URLs for the cloud proxies (if viewing from outside) or the cameras (if viewing from inside).


Thanks for your extensive answer!


We are already testing and punching holes in the firewall , using the developer tools.  Will update this topic.


Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.