Site to Site VPN Firewall Rules

Comes here often

Site to Site VPN Firewall Rules



When using site to site VPN, could you confirm if the outbound firewall rules applied to the VPN are used in conjunction with firewall rules at the remote side, much like 'no sysopt permit-vpn' on ASAs . For example if Site A sends traffic to site B through the outbound firewall but Site B has Firewall rules - will these still be looked at? 


Many thanks

Meraki Go Team

Hello @Aileron87 


The Meraki Go platform, as of today, does not support site-to-site VPN. You may be referring to the enterprise line of Meraki products.


However, to answer your question, the site to site VPN firewall rules on the enterprise line are organization wide. That means every MX will interpret them globally. So if site A sends traffic to site B but site B has firewall rules, the traffic will still be subject to them as they are global to all MX in the site-to-site VPN topology.


Looking for the Cisco Meraki enterprise community?