Meraki

LazerTony20 · ‎Apr 28 2020

Hi, i have a few devices (tablets) used in the enterprise that we want to block the internet access but want to leave access to our local web server. Any ideas ?

LazerTony20 · ‎Apr 29 2020

I Solved it by changing the rules to this:

1 | Allow | Any | 192.168.0.0/16 | Any | Allow Local Access

2 | Deny | TCP | Any | Any | Block Internet

View solution in original post

ww · ‎Apr 28 2020

Create a group policy with firewall rules. And assign the policy to the tablets

PhilipDAth · ‎Apr 28 2020

@ww is right, but note tablets often need to check into Apple/Google (depending on make) to maintain all sorts of different capabilities.

LazerTony20 · ‎Apr 29 2020

I tried this approach, but there is an issue. If I apply a firewall rule that looks like this:

1 | Allow | Any | 192.168.0.0/16 | Any | Allow Local Access

2 | Deny | Any | Any | Any | Block Internet

The Issue is that, it works only I apply it after the tablets have already joined the network and haven't changed AP. As soon as the devices change AP or get disconnected from the network, they cannot connect back.

(The error message on android is: "Failed to obtain IP address" and I have tried to add our local dhcp server's address as the first rule, but it still doesn't work).

LazerTony20 · ‎Apr 29 2020

I Solved it by changing the rules to this:

1 | Allow | Any | 192.168.0.0/16 | Any | Allow Local Access

2 | Deny | TCP | Any | Any | Block Internet

Meraki

Community

Block Internet but leave local access

Block Internet but leave local access