Client VPN and Wireless Concentrator isolation rules

Solved
nscheffer
Getting noticed


Hi,

 

Maybe it's simple to do it but I didn't find how to do it!

I have a MX68 in NAT mode with 2x WAN links with internet fiber access and the following clients connected to it:

- my local LAN with Meraki MRs with a local net 192.168.x.0/24

- external users using Systems Manager with the client VPN on a specific net 192.168.y.0/24

- remote Meraki MRs using the VPN to Wireless concentrator on the MX68 with net 192.168.z.0/24

 

How to control and ensure that client VPN users and users on the remote Meraki MRs can access the internet from the MX68 but cannot access the local LAN on my MX68 net 192.168.x.0/24?

 

Thanks in advance.

Regards

 

Nicolas

1 Accepted Solution
Wickus
Here to help

Hi Nicolas

 

Have you tried using the layer 3 firewall on the MX?

Go to Security & SD-WAN -> Configure -> Firewall

 


2 Replies 2

nscheffer
Getting noticed

Hi Wickus,

 

Not yet tried. I will do some tests, thanks.
Seems to be easy and simple.
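
The layer 3 firewall approach from the accepted answer, sketched as an added example that is not part of the original thread or Meraki's own code: a simplified model of ordered, first-match rules with an assumed default allow, used to check the isolation intent and to catch rules that an earlier rule makes unreachable. The three subnets are constructed stand-ins for the thread's 192.168.x/y/z.0/24 networks, and the function names are hypothetical.

```python
import ipaddress

# Constructed stand-ins for the thread's 192.168.x/y/z.0/24 networks (assumptions).
LAN = "192.168.10.0/24"           # local LAN (x)
CLIENT_VPN = "192.168.20.0/24"    # client VPN users (y)
CONCENTRATOR = "192.168.30.0/24"  # remote MRs via the wireless concentrator (z)

# Ordered rules as (policy, source CIDR, destination CIDR); "any" matches everything.
RULES = [
    ("deny", CLIENT_VPN, LAN),
    ("deny", CONCENTRATOR, LAN),
]
DEFAULT_POLICY = "allow"  # assumed implicit last rule: allow any to any


def _matches(cidr, ip):
    return cidr == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)


def evaluate(rules, src_ip, dst_ip):
    """Return the policy of the first rule matching the flow, else the default."""
    for policy, src, dst in rules:
        if _matches(src, src_ip) and _matches(dst, dst_ip):
            return policy
    return DEFAULT_POLICY


def _covers(outer, inner):
    if outer == "any":
        return True
    if inner == "any":
        return False
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))


def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    hits = []
    for i, (_, src, dst) in enumerate(rules):
        if any(_covers(s, src) and _covers(d, dst) for _, s, d in rules[:i]):
            hits.append(i)
    return hits


if __name__ == "__main__":
    for src, dst in [("192.168.20.15", "192.168.10.5"), ("192.168.30.7", "192.168.10.5"),
                     ("192.168.20.15", "8.8.8.8"), ("192.168.10.5", "192.168.20.15")]:
        print(f"{src} -> {dst}: {evaluate(RULES, src, dst)}")
    print("shadowed rules:", shadowed(RULES))
```

In this model the two deny rules only match flows sourced from the VPN and concentrator subnets; a flow sourced from the LAN falls through to the default, and placing a broad allow above the deny rules leaves them unreachable.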
