Content Filtering and Threat Protection through Meraki Client VPN (L2TP/IPsec)

Solved
gabriel-ribba
Conversationalist

Content Filtering and Threat Protection through Meraki Client VPN (L2TP/IPsec)

Hi everyone,

 

I'm using a Meraki MX68 with several users connected via the Meraki VPN client (L2TP/IPsec) in full tunnel mode. I'm trying to determine whether the security features like content filtering and threat protection are applied to traffic from these VPN clients. I couldn't find a clear answer in the documentation, so I'm hoping someone here might have experience or insight on this.

 

Also, i would think if i apply group policies to these users, the features mentioned above could apply to them, but i'm not sure.

 

Thanks in advance for your help!

1 Accepted Solution
KH
Meraki Employee
Meraki Employee

Hey @gabriel-ribba 

 

Content Filtering and Threat protection features will apply to Anyconnect/Client VPN Users.

The Threat protection page mentions the following:

In both IDS and IPS modes the following is inspected: 

  • all traffic between LAN and the Internet 

  • all traffic between VLANs

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it

View solution in original post

4 Replies 4
KH
Meraki Employee
Meraki Employee

Hey @gabriel-ribba 

 

Content Filtering and Threat protection features will apply to Anyconnect/Client VPN Users.

The Threat protection page mentions the following:

In both IDS and IPS modes the following is inspected: 

  • all traffic between LAN and the Internet 

  • all traffic between VLANs

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
PhilipDAth
Kind of a big deal
Kind of a big deal

I am not confident that content filtering is applied to client VPN users.  I would test this specific case.

Tony-Sydney-AU
Meraki Employee
Meraki Employee

Hi @PhilipDAth , I tested and it works. But only if you have full tunnel. Split tunnel, naturally doesn't get traffic instection.

 

I think it is the same logic as Site-to-Site VPN in full tunnel.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal

Thanks for testing this.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels