cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block port 50001 across MX Auto-VPN?

SOLVED
Highlighted
Head in the Cloud

Block port 50001 across MX Auto-VPN?

Hi,

 

Can anyone advise the easiest way to block port (50001) traffic across our sites.

 

MX Range with Auto-VPN.

 

Thank you,
Peter James

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Here to help

Re: Block port 50001 across MX Auto-VPN?

Just create a VPN firewall rule;

  1. Security & SD-WAN > Configure > Site-to-site VPN
  2. Under "Organization-wide settings"
  3. Add a "Site-to-site outbound firewall" rule
  4. Policy: Deny
    Protocol: Select UDP or TCP
    Source: any
    Src port: any
    Destination: any
    Dst port: 50001

 

Do the same for "Site-to-site inbound firewall" rule too.

 

View solution in original post

3 REPLIES 3
Highlighted
Kind of a big deal
Kind of a big deal

Re: Block port 50001 across MX Auto-VPN?

Highlighted
Here to help

Re: Block port 50001 across MX Auto-VPN?

Just create a VPN firewall rule;

  1. Security & SD-WAN > Configure > Site-to-site VPN
  2. Under "Organization-wide settings"
  3. Add a "Site-to-site outbound firewall" rule
  4. Policy: Deny
    Protocol: Select UDP or TCP
    Source: any
    Src port: any
    Destination: any
    Dst port: 50001

 

Do the same for "Site-to-site inbound firewall" rule too.

 

View solution in original post

Highlighted
Kind of a big deal
Kind of a big deal

Re: Block port 50001 across MX Auto-VPN?

inbound does not work, see previous link.

 


@charles07 wrote

 

Do the same for "Site-to-site inbound firewall" rule too.

 


 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.