cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Client VPN and Wireless Concentrator isolation rules

SOLVED
Highlighted
Getting noticed

Client VPN and Wireless Concentrator isolation rules

Hi,

 

Maybe it's simple to do it but I did,'t find how to do it !

I have a MX68 in NAT mode with 2x WAN links with internet fiber access and the following clients connected to it :

- my local LAN with Meraki MRs  with a local net 192.168.x.0/24

- external users using Systems Manager with the client VPN on a specific net 192.168.y.0/24

- remote Meraki MRs using the VPN to Wireless concentrator on the MX68 with net 192.168.z.0/24

 

How to control and avoid that client VPN and users on the remote Meraki MRs can access internet from the MX68 but cannot access local LAN on my MX68 net 192.168.x.0/24 ?

 

Thanks in advance.

Regards

 

Nicolas

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Here to help

Re: Client VPN and Wireless Concentrator isolation rules

Hi Nicolas

 

Have you tried using the layer 3 firewall on the MX

 

goto Security & SD-WAN -> Configure -> Firewall

 

Screenshot 2020-03-08 at 13.37.37.png

View solution in original post

2 REPLIES 2
Highlighted
Here to help

Re: Client VPN and Wireless Concentrator isolation rules

Hi Nicolas

 

Have you tried using the layer 3 firewall on the MX

 

goto Security & SD-WAN -> Configure -> Firewall

 

Screenshot 2020-03-08 at 13.37.37.png

View solution in original post

Highlighted
Getting noticed

Re: Client VPN and Wireless Concentrator isolation rules

Hi Wickus,

 

Not yet tried. I will do some test, thanks.
Seems to be easy and simple.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.