Guys, is there a way in Meraki MX to block a lot of IP addresses in one entry?
Just like these ip addresses:
I want to block all of these in one entry in the firewall, not manually per IP address or segment. In the Cisco Firepower services, I am able to upload a list of IP addresses in a notepad.
Also did you just try doing the IP/32?
Just tried on 13.28 firmware (latest stable). Can confirm it works and is not a new feature on 14.xx firmware.
I just spent the last 30 minutes going through this. I was able to recreate the error you showed. The error only occurred when trying to summarize the IPs in Group Policy using "Custom network firewall & shaping rules". I am unable to combine multiple IPs into the one rule and the error message you showed is generated. This happens regardless of firmware version.
When placed in Security Appliance > Configure > Firewall, the rule works without any issue. This leads me to believe that it is a problem with group policy looking for only ONE IP when creating custom rules. Have you tried placing the rule in the Layer 3 section of the Security Appliance > Configure > Firewall page? This will apply to ALL groups on your MX unless you create a custom rule under group policy. If everyone is to be blocked from these IPs, my recommendation would be to place it there.
Meraki newbie here. The answer you give looks to be for OUTBOUND traffic. This doesn't seem to be able to keep these IPs from hitting my devices behind our MX67. Obviously the OUTBOUND rule will keep any further traffic TO those problem IPs, but I'm wondering if this is sufficient. For example, what would keep IPs I've entered in this OUTBOUND rule from DDoSing my servers?
Thanks in advance for any clarity you might be able to shed on this matter!
Traffic can only come into your internal devices if they first made a request out - and that case is handled.
The other case is if you NAT/port forward an inbound port. In this case you won't be able to block the inbound packet. You can only create an "allow" list that blocks everything except what is listed.
You can bulk edit firewalls using the native Cisco Meraki API that utilizes Postman.
You can build rules via JSON and use the PUT command to process them.
Check out Cisco Meraki API and Postman.
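The bulk approach described in the post above, as an added example that is not part of the thread: it turns a text list of addresses into a single outbound deny rule and builds the JSON body for the PUT without sending it. The endpoint path, field names and bearer header follow the Meraki Dashboard API v1; the network ID, API key and sample addresses are placeholders constructed for this example.

```python
import ipaddress
import json
import urllib.request

# Constructed sample list (documentation address ranges), one entry per line.
SAMPLE_LIST = """
# constructed sample entries
203.0.113.7
203.0.113.7
198.51.100.0/25
198.51.100.128/25
192.0.2.44
not-an-ip
"""

def parse_blocklist(text):
    """Return (collapsed IPv4 CIDR strings, rejected lines)."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # A bare address becomes a /32; entries with host bits set are rejected.
            nets.append(ipaddress.IPv4Network(line))
        except ValueError:
            rejected.append(line)
    # collapse_addresses removes duplicates and merges adjacent ranges.
    return [str(n) for n in ipaddress.collapse_addresses(nets)], rejected

def build_deny_rule(cidrs, comment="Blocklist (added example)"):
    # One L3 rule; destCidr takes a comma-separated list of CIDRs.
    return {"comment": comment, "policy": "deny", "protocol": "any",
            "srcPort": "Any", "srcCidr": "Any", "destPort": "Any",
            "destCidr": ",".join(cidrs), "syslogEnabled": False}

def build_put_request(network_id, api_key, rules):
    # The body carries the full rule list, so include existing rules to keep.
    url = ("https://api.meraki.com/api/v1/networks/"
           f"{network_id}/appliance/firewall/l3FirewallRules")
    body = json.dumps({"rules": rules}).encode()
    return urllib.request.Request(url, data=body, method="PUT", headers={
        "Authorization": f"Bearer {api_key}", "Content-Type": "application/json"})

if __name__ == "__main__":
    cidrs, bad = parse_blocklist(SAMPLE_LIST)
    # Placeholder identifiers; the request is built but never sent here.
    req = build_put_request("N_PLACEHOLDER", "API_KEY_PLACEHOLDER", [build_deny_rule(cidrs)])
    print(req.get_method(), req.full_url)
    print(req.data.decode(), "rejected:", bad)
```

Review the rejected lines before applying the rule, since a typo in the source list otherwise silently leaves an address unblocked.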