Block port 50001 across MX Auto-VPN?

SOLVED
PeterJames
Head in the Cloud

Block port 50001 across MX Auto-VPN?

Hi,

 

Can anyone advise the easiest way to block port (50001) traffic across our sites.

 

MX Range with Auto-VPN.

 

Thank you,
Peter James

1 ACCEPTED SOLUTION
charles07
Getting noticed

Just create a VPN firewall rule;

  1. Security & SD-WAN > Configure > Site-to-site VPN
  2. Under "Organization-wide settings"
  3. Add a "Site-to-site outbound firewall" rule
  4. Policy: Deny
    Protocol: Select UDP or TCP
    Source: any
    Src port: any
    Destination: any
    Dst port: 50001

 

Do the same for "Site-to-site inbound firewall" rule too.

 

View solution in original post

3 REPLIES 3
ww
Kind of a big deal
Kind of a big deal
charles07
Getting noticed

Just create a VPN firewall rule;

  1. Security & SD-WAN > Configure > Site-to-site VPN
  2. Under "Organization-wide settings"
  3. Add a "Site-to-site outbound firewall" rule
  4. Policy: Deny
    Protocol: Select UDP or TCP
    Source: any
    Src port: any
    Destination: any
    Dst port: 50001

 

Do the same for "Site-to-site inbound firewall" rule too.

 

ww
Kind of a big deal
Kind of a big deal

inbound does not work, see previous link.

 


@charles07 wrote

 

Do the same for "Site-to-site inbound firewall" rule too.

 


 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels