Meraki

Community

Block intervlan routing MX64

EdgeFarming
Here to help
9 hours ago
9 hours ago

Block intervlan routing MX64

Hello,

 

I have following LAN networks.

LAN1 Vlan15   192.168.128.0/24

LAN2 Vlan10 10.10.10.0/24

 

I want to block LAN1 to access LAN1. I created rules under outbound rules but they are not working. Please check Attached screenshots.

 

Please let me know what I am missing.

Port Settings.pngoutbound.pngping .png

0 Kudos
5 Replies 5
ww
Kind of a big deal
Kind of a big deal
9 hours ago
9 hours ago

Fw rules do not work on active sessions. You need to wait like 10 minutes for the firewall to clear active session.

 

Or reboot the mx to clear all sessions

In response to ww
jimmyt234
A model citizen
9 hours ago
9 hours ago

As well as this you need to test using actual end user devices, and not ping the MX itself as it will often ignore firewall rules. (Unclear if .3 is a host of the MX itself)

In response to jimmyt234
EdgeFarming
Here to help
9 hours ago
9 hours ago

Yes, 10.10.10.4 is my PC and 192.168.128.3 is an Access Point. I will wait for 10 min to take effect. Thanks

In response to ww
EdgeFarming
Here to help
9 hours ago
9 hours ago

Hi, ok ok I will wait 10 min or reboot the router, I'll let you know.

 

is that time apply for every rule? I mean if I block 10.10.10.4 to access nike.com  Do I need to wait 10 min to take effect? Because I also tried that and didn't work. 

 

Thanks

0 Kudos
In response to EdgeFarming
ww
Kind of a big deal
Kind of a big deal
8 hours ago
8 hours ago

Im not sure about the session timeout, could be 5-10 minutes. Also would depend on if the protocol closes the session itself or not.

 

If you didnt go to that website before, it should work/be blocked.

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.