Secure Connect & 'Headless Devices'

Bobcheese2

Hi All, just wondering how customers are accounting for headless devices (printers, sensors & IoT devices as examples) within Secure Connect? Do you see any issues with their traffic flows and do you need to set up any bypasses around auth etc?

JimPliss

I place these devices into a separate network and MAC-lock the port to the device.
I then control access to these networks with firewall rules, and make them as specific as I can.
I.e., I have a printers network; the printers are connected to the switch port assigned to that VLAN only.
I use DHCP reservations to assign IPs to the printers.
I then set up rules for inbound and outbound traffic to and from that network.
I.e., a rule that allows only our print servers port 9100 bidirectional, allows port 80 and 443 bidirectional to our IT workstations network, and allows 587 to our O365 Exchange, and use email auth using a printers service account.
Log all the traffic so you can easily identify if someone is trying to do something they shouldn't or traffic is getting somewhere it shouldn't.

Hope this helps
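
The rule set described in the reply above, as an added example that is not part of the original post: a small Python model of the printer-VLAN allow-list, run over constructed flow records to show which logged traffic falls outside it. The subnets, the mail endpoint address and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed addressing, constructed for this example (not from the thread).
NETS = {
    "printers": ipaddress.ip_network("10.20.30.0/24"),
    "print_servers": ipaddress.ip_network("10.20.10.0/28"),
    "it_workstations": ipaddress.ip_network("10.20.40.0/24"),
    # Placeholder for the mail submission endpoint (documentation range).
    "mail_relay": ipaddress.ip_network("203.0.113.25/32"),
}

# (peer zone, destination port) pairs from the reply.
BIDIR = {("print_servers", 9100), ("it_workstations", 80), ("it_workstations", 443)}
OUTBOUND_ONLY = {("mail_relay", 587)}  # printers -> mail submission

def zone_of(ip):
    """Map an IP address to a named zone, or 'other' if it matches none."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETS.items():
        if addr in net:
            return name
    return "other"

def evaluate(src, dst, dport):
    """Return 'allow', 'deny', or 'n/a' for a flow crossing the printer VLAN edge."""
    s, d = zone_of(src), zone_of(dst)
    if s == "printers" and d != "printers":
        return "allow" if (d, dport) in BIDIR | OUTBOUND_ONLY else "deny"
    if d == "printers" and s != "printers":
        return "allow" if (s, dport) in BIDIR else "deny"
    return "n/a"  # intra-VLAN or unrelated traffic never hits these rules

def audit(flows):
    """Return the flows the allow-list would deny: the ones worth reviewing in logs."""
    return [f for f in flows if evaluate(*f) == "deny"]

# Constructed sample flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.20.10.5", "10.20.30.11", 9100),   # print server -> printer
    ("10.20.40.7", "10.20.30.11", 443),    # IT workstation -> printer web UI
    ("10.20.30.11", "203.0.113.25", 587),  # printer -> mail submission
    ("10.20.30.11", "198.51.100.9", 443),  # printer -> unknown internet host
    ("10.20.50.8", "10.20.30.11", 9100),   # other VLAN printing directly
    ("10.20.30.11", "10.20.30.12", 9100),  # printer to printer, same VLAN
]

if __name__ == "__main__":
    for flow in audit(SAMPLE_FLOWS):
        print("outside allow-list:", flow)
```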
