Client VPN prevent from connecting from certain countries

Solved
knightrider
New here

Client VPN prevent from connecting from certain countries

We  want the  Client VPN prevent from connecting from certain countries, We have firewall Layer 7 rule "Deny Traffic not to/ from USA, Canada, UK" ,but this rule did not helped , we found user able to connect from India.

WE open the t case with meraki support , they  reply "Layer 7 rules do not apply to inbound Client VPN connections"

Is any one have idea how we can implement client vpn  prevent from connecting from certain countries.

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

I can't think of any way to do this.

 

Going sideways, if you want to improve your security posture, consider using MFA with Client VPN, such as Cisco Duo.

https://duo.com/docs/meraki-radius 

View solution in original post

6 Replies 6
Inderdeep
Kind of a big deal
Kind of a big deal

@knightrider : You can do that as shown below using Layer 7 rules

 

Inderdeep_0-1618503079895.png

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
knightrider
New here

Yes this is what we have L7 rule in place, but user still able to connect .

 

Inderdeep
Kind of a big deal
Kind of a big deal

What license you have on the MX ?

 

Inderdeep_0-1618506584481.png

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
knightrider
New here

we have advanced security license  for MX100

PhilipDAth
Kind of a big deal
Kind of a big deal

I can't think of any way to do this.

 

Going sideways, if you want to improve your security posture, consider using MFA with Client VPN, such as Cisco Duo.

https://duo.com/docs/meraki-radius 

knightrider
New here

Thanks this way we think off to go with 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels