by default everything is allowed in Meraki, so the normal policy (default) will "obey" everything you have applied in the firewall settings (L3 rules, L7 rules, content filter, etc).
So if you want to block everything by default you should start with these settings.
that mean new device connected network lan will allow acces all, because new device inside to policy normal (default)
in case im need new device connected lan = block and need permit to allow any access.
how im can config it?
i have set vlan subnet 10.62.202.0/24 vlan ID 1 Group Policy Staff
but im check Monitor - Client Policy Normal, why like that?
no client at group policy Staff
why still at group policy normal?
You can create a group policy blocking everything and directly apply the VLAN interface, and allow access as needed.
Of course, this is one of the options, another way to restrict access (I particularly like this one more) is to configure the Access control.
Look at these articles:
To answer your question, the policy is applied directly to the interface, so on clients it will continue to be displayed as normal unless you apply the policy on the client.
Don't try to understand, just accept.
Try configure like this:
But I really recommend that you study more about the features. You can take the online training here:
I use another method to block new users connected Lan Network, user must need permit.
im just config at firewall
permit Group Objek any any
Deny Segment Lan
thanks for discus sir