Blocking Port 445 outgoing causes VPN to not work

MBITMatt
New here


Hi All,

I feel like this is a fairly straightforward thing but I can't seem to pin it down.

After the last Outlook Security issue I went ahead and double checked some firewall configurations. I found 445 not blocked at some sites. When a deny rule is set up, VPN users cannot access shares.

Here's a screenshot of the basic config I did for Outgoing.

MBITMatt_0-1679945247397.png

VPN is configured as a basic L2TP connection to the Meraki itself. Users are authenticated with Active Directory.

I think it's something simple like just allowing my VPN users to use port 445 (they are on a different subnet when VPN'd in) but that doesn't seem to make it right.

Anyone else have this come up?

2 Replies

alemabrahao
Kind of a big deal

Why don't you create a rule allowing only local networks?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MBITMatt
New here

I want to say when I did that I was still having problems with the VPN users. I made sure that the local rule was above the deny all rule.

I'll double check this evening.
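
Added illustration (not part of any post in this thread, and not Meraki code): a small first-match model of an ordered outbound rule list, showing how a TCP/445 deny interacts with an allow rule for local subnets depending on which subnets the allow names and where it sits. The subnets, host addresses, rule-set names and the top-down, first-match, default-allow evaluation are assumptions made for the example.

```python
import ipaddress

# Constructed sample addressing (assumption, not from the thread).
LAN = "192.168.10.0/24"   # site LAN with the file server
VPN = "192.168.50.0/24"   # client VPN subnet

# Constructed test flows: (source, destination, TCP port).
FLOWS = {
    "vpn_to_share": ("192.168.50.20", "192.168.10.5", 445),
    "lan_to_internet": ("192.168.10.30", "203.0.113.10", 445),
}

DENY_445 = ("deny", "any", "any", 445)

# Rule = (policy, source CIDR or "any", destination CIDR or "any", port or "any").
RULESETS = {
    "deny_only": [DENY_445],
    "lan_only_allow": [("allow", LAN, LAN, 445), DENY_445],
    "vpn_allow_above_deny": [("allow", VPN, LAN, 445), DENY_445],
    "vpn_allow_below_deny": [DENY_445, ("allow", VPN, LAN, 445)],
}


def in_net(addr, cidr):
    return cidr == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)


def first_match(rules, src, dst, port):
    """Evaluate rules top-down; the first matching rule decides (assumed model)."""
    for number, (policy, rsrc, rdst, rport) in enumerate(rules, start=1):
        if in_net(src, rsrc) and in_net(dst, rdst) and rport in ("any", port):
            return number, policy
    return None, "allow"  # assumed implicit default: allow any


def audit(rules):
    """Return {flow name: (matching rule number, policy)} for the sample flows."""
    return {name: first_match(rules, *flow) for name, flow in FLOWS.items()}


if __name__ == "__main__":
    for name, rules in RULESETS.items():
        print(name, audit(rules))
```

In this model, an allow rule that names only the LAN subnet never matches traffic sourced from the separate VPN subnet, so that flow still falls through to the 445 deny.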
