NAT vs Bridged mode, How does it work?

Evilfish


Hi all,

We have deployed a product we call firewall-as-a-service, where we host NGFWs for customers who then have their internet breakout in our datacenter.

I need to know what protocols and ports Meraki uses to talk with the cloud controller, so that I can open the right ports for the customers running Meraki behind our FW.

I am unable to find this in the official documentation from Meraki, but it might just be me who can't find it 🙂

Hope you lot can help me.

BR.

Henrik

HodyCrouch

The exact ranges vary by customer and the specific features being used.

From Meraki Dashboard, go to the Help drop-down (top-right) and select "Firewall Info". You will see a list of source, destination, port, port, protocol, direction, and description. This information should allow you to correctly configure your firewall rules.

Sorry, the board changed my headline.

I mean there must be some standard ports and protocols it uses to talk with the dashboard.

I refuse to accept the equipment does not follow a specific way of doing it, but if it really is like that, then it is a problem for us.

BR.

Henrik

HodyCrouch

Meraki does use standard ports and protocols for cloud management. Some customers have additional communication needs for things like splash pages, RADIUS, Meraki APIs and so on. If you only need to support cloud management, you can probably use a single set of rules.

You might consider contacting Meraki support directly for assistance. They may be able to provide more details.

@Evilfish - I can change the thread title if you tell me what you'd like it to be!

Caroline S | Community Manager, Cisco Meraki
PhilipDAth

@HodyCrouch is correct - it is specific. Attached is an example of Help/Firewall Info from one of my clients. Note your firewall rule requirements may be different. This is just an example.

Screenshot from 2019-02-19 07-33-40.png

It is correct that the exact firewall rules can vary based on what hardware you have deployed, what features you have turned on, and where you are in the world (which data centers). One really nice feature of Dashboard is that when you go to Help > Firewall Info, that list of rules is automatically up to date; it's a snapshot based on what is deployed with what features. For example, if you don't have any AutoVPN and then turn it on, you'll see UDP/9350 get added to the list for VPN Registry communications. The official documentation is here: https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Firewall_Rules_for_Cloud_Conne...
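Because the Firewall Info list changes as features are switched on, an upstream firewall operator can keep two snapshots and diff them. The sketch below is an added example, not part of the thread or of any Meraki tooling. It assumes the table has been copied by hand into CSV using the column names the replies list, and every row is constructed sample data (documentation address ranges) apart from UDP/9350, which the post above mentions.

```python
import csv
import io

# Constructed sample snapshots (not real Meraki output). Column names follow the
# fields the thread lists for Help > Firewall Info; the CSV layout is an assumption.
BEFORE = """source,destination,port,protocol,direction,description
10.0.0.0/24,192.0.2.10/32,443,TCP,outbound,Cloud management
10.0.0.0/24,192.0.2.20/32,80,TCP,outbound,Splash pages
"""
AFTER = """source,destination,port,protocol,direction,description
10.0.0.0/24,192.0.2.10/32,443,TCP,outbound,Cloud management
10.0.0.0/24,198.51.100.5/32,9350,UDP,outbound,VPN registry
"""

def load_rules(text):
    """Parse a snapshot into a dict keyed by the fields a firewall matches on."""
    rules = {}
    for row in csv.DictReader(io.StringIO(text)):
        key = (row["source"].strip(), row["destination"].strip(),
               row["port"].strip(), row["protocol"].strip().upper(),
               row["direction"].strip().lower())
        rules[key] = row["description"].strip()
    return rules

def diff_rules(old_text, new_text):
    """Return (added, removed) rules between two snapshots, each sorted."""
    old, new = load_rules(old_text), load_rules(new_text)
    added = sorted((k, new[k]) for k in new.keys() - old.keys())
    removed = sorted((k, old[k]) for k in old.keys() - new.keys())
    return added, removed

def report(old_text, new_text):
    """Render the diff as change-request lines: rules to open, then rules to close."""
    added, removed = diff_rules(old_text, new_text)
    lines = []
    for tag, items in (("OPEN", added), ("CLOSE", removed)):
        for (src, dst, port, proto, direction), desc in items:
            lines.append(f"{tag} {proto}/{port} {src} -> {dst} ({direction}) # {desc}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(BEFORE, AFTER)))
```

The CLOSE lines matter as much as the OPEN ones: a rule that has dropped out of the list is an allow entry the upstream firewall no longer needs.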

 
