Meraki

Community

Configuring firewall Rules to block/allow domain names as a name not as an IP

Solved
Senan_Rogers
Getting noticed
‎Feb 22 2018 9:43 AM
‎Feb 22 2018 9:43 AM

Configuring firewall Rules to block/allow domain names as a name not as an IP

Hello Gents, 

 

I have a VPN between two Meraki MX,  which they have Enterprise licenses not  Advance License So the content filter is not available.

 

I am trying to apply a rule to block a domain name like "meraki.com "  in the Site-to-site outbound firewall under Organization-wide settings, but it seems Meraki is not supporting domain name in the Site-to-site outbound firewall but it is supported in the layer 3 Firewall.

 

for example  filter content.png

 

any advice?  
0 Kudos
1 Accepted Solution
In response to Senan_Rogers
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 22 2018 11:45 AM
‎Feb 22 2018 11:45 AM

Is the spoke using a full tunnel to the hub and access the Internet that way - and you want to block some Internet requests?

 

Normally I would use the content filtering and block the URL.  Not sure how to go about this with only an Enterprise licence.

View solution in original post

0 Kudos
6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 22 2018 11:40 AM
‎Feb 22 2018 11:40 AM

You are correct, that is not supported.

PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 22 2018 11:40 AM
‎Feb 22 2018 11:40 AM

Are the MX's in different organisations, and as a result you are not using AutoVPN?

0 Kudos
In response to PhilipDAth
Senan_Rogers
Getting noticed
‎Feb 22 2018 11:42 AM
‎Feb 22 2018 11:42 AM

Hello Phil,

 

both MX is in the Same Organization but in different Network, as one of them act as a HUB and the other as Spoke ( site ).

 

 

0 Kudos
In response to Senan_Rogers
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 22 2018 11:45 AM
‎Feb 22 2018 11:45 AM

Is the spoke using a full tunnel to the hub and access the Internet that way - and you want to block some Internet requests?

 

Normally I would use the content filtering and block the URL.  Not sure how to go about this with only an Enterprise licence.

0 Kudos
In response to PhilipDAth
Senan_Rogers
Getting noticed
‎Feb 22 2018 11:51 AM
‎Feb 22 2018 11:51 AM

vpn- filter site.png

0 Kudos
In response to PhilipDAth
Senan_Rogers
Getting noticed
‎Feb 22 2018 11:54 AM
‎Feb 22 2018 11:54 AM

Yes, this is why I have added this post, I know how to do it using the content filter and block the URL as i show it in my previous picture.

As you said I cannot do it with Enterprise Licence, we need Advance Security.
0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.