Question about bidirectional firewall rule listed in Help>Firewall Info

SOLVED
LaneMatt
Conversationalist

Question about bidirectional firewall rule listed in Help>Firewall Info

If this is a bidirectional rule wouldn't the source and the destination be the same? Instead of the destination being any? Or am I misunderstanding something?

Your network(s), 209.206.48.0/20, 216.157.128.0/20, 158.115.128.0/19Any 443TCPbidirectionalMV cloud archive; Meraki cloud communication, customer-hosted Scanning Push API server: api.serviceprovider.net:443 Access points, Cameras

 

Thanks for your help!

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal

It's not described well, is it.

 

The cameras only need to be able to connect out.  They will establish an outbound TCP connection and reply traffic has to be allowed in.

Every Internet-facing firewall uses stateful rules for this, so simply allowing the traffic out implies that want to allow the reply traffic to come back in.

View solution in original post

1 REPLY 1
PhilipDAth
Kind of a big deal

It's not described well, is it.

 

The cameras only need to be able to connect out.  They will establish an outbound TCP connection and reply traffic has to be allowed in.

Every Internet-facing firewall uses stateful rules for this, so simply allowing the traffic out implies that want to allow the reply traffic to come back in.

View solution in original post

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.