Site to Site VPN Firewall Rules

Aileron87
Comes here often


Hi,

When using site-to-site VPN, could you confirm if the outbound firewall rules applied to the VPN are used in conjunction with firewall rules at the remote side, much like 'no sysopt permit-vpn' on ASAs? For example, if Site A sends traffic to Site B through the outbound firewall but Site B has firewall rules, will these still be looked at?

Many thanks

hidden0
Meraki Alumni (Retired)

Hello @Aileron87

The Meraki Go platform, as of today, does not support site-to-site VPN. You may be referring to the enterprise line of Meraki products.

However, to answer your question, the site-to-site VPN firewall rules on the enterprise line are organization-wide. That means every MX will interpret them globally. So if site A sends traffic to site B but site B has firewall rules, the traffic will still be subject to them, as they are global to all MX in the site-to-site VPN topology.
