On Cisco Meraki Go Firewall Plus GX50, how do I setup a VLAN for internal access only and block it from accessing the Internet?
I have a solution but I have to ask one question before I type it up.. Are you using DHCP on this network and if so is the GX50 the DHCP server?
Hi TyShawn-
Yes, I used GX50 as the sole DHCP for my entire network. I disabled DHCP on all smart switches and access points. Thanks!
Regards-
Mak
If you have another device on that network that can hand out DHCP (if needed) then you do the following:
Assuming this is a M-Go full stack
1. Create the VLAN on the switch
2. Go to the uplink port on Hardware / GX20 / See All Ports / Select the switch uplink port)/ Settings / Advance Settings / Configure VLAN / Change Allowed VLANs from "all" to the VLANs you want to access the internet.
If you don't have a full stack
1. Create the VLAN on your managed switch
2. Create DHCP pool on your switch or server of choice
3. Go to the uplink on you managed switch and remove the VLAN from that port
From my time with M-Go I did not see a firewall rules section. So to be able to be able to create a rule that says source VLAN X with destination Internet doesn't look to be available at this time. If I am wrong I am interested to be pointed in the right direction of the GUI.
Hi TyShawn-
Sorry been busy, and no, I don’t have full stack. I only have the GX50 Firewall and I use switches from other brand.
I am not sure I understand your below instruction, do you mind elaborate? Thanks in advance.
If you don't have a full stack
1. Create the VLAN on your managed switch
2. Create DHCP pool on your switch or server of choice
3. Go to the uplink on you managed switch and remove the VLAN from that port
What switch model?