Meraki

Community

Content Filtering

Solved
Daniel24
Here to help
‎Aug 2 2023 12:53 PM
‎Aug 2 2023 12:53 PM

Content Filtering

Sooo after working with Meraki be aware if you are working on implementing Content filtering you really need your VLAN Interfaces on the MX and not the Layer 3 Core switches. I had my interfaces there to help with just dedicating the MX to Firewall duties only. The problem is when you are trying to look for content filter logs it will report back as the switch not the specific client. Only way Meraki informed me to fix it was moving VLANs to the MX, which does appear to have worked. 

 

But the follow up problem now that I am seeing. So, does content filter with Meraki only show when something is actually blocked? Doesn't actually show when there is approved URLs passing through the MX only showing the blocked content. Even if I have the filter set to "All Filtering".  

 

Anyone else have the first reported issue?

 

And second paragraph issue a common thing?

Labels:
0 Kudos
1 Accepted Solution
Daniel24
Here to help
‎Aug 11 2023 12:00 PM
‎Aug 11 2023 12:00 PM

I'll reply to this if anyone in the future needs it for reference. Yes, for sure the only way to see allowed traffic is by using a Syslog server. I deployed Manage Engine Event Log Analyzer which works great to now see all traffic, not just the denied. 

View solution in original post

0 Kudos
5 Replies 5
ww
Kind of a big deal
Kind of a big deal
‎Aug 2 2023 2:04 PM
‎Aug 2 2023 2:04 PM

I supose it depend on what client tracking is used.  Did you also try Unique client identifier or Track by IP? https://documentation.meraki.com/MX/Monitoring_and_Reporting/Client-Tracking_Options

0 Kudos
In response to ww
Daniel24
Here to help
‎Aug 2 2023 2:13 PM
‎Aug 2 2023 2:13 PM

I was recommended due to no longer having any interfaces configured at Layer 3 that I should do Mac. I originally had it on Unique Client identifier trying to resolve the first paragraph of reporting on from the switch. 

0 Kudos
Malwina
Meraki Employee
Meraki Employee
‎Aug 3 2023 12:16 AM
‎Aug 3 2023 12:16 AM

Network-wide → Event Log would only display blocked Content Filtering Events.

0 Kudos
In response to Malwina
Daniel24
Here to help
‎Aug 3 2023 5:54 AM
‎Aug 3 2023 5:54 AM

So is there anyway to see traffic that was allowed? Syslog server?

0 Kudos
Daniel24
Here to help
‎Aug 11 2023 12:00 PM
‎Aug 11 2023 12:00 PM

I'll reply to this if anyone in the future needs it for reference. Yes, for sure the only way to see allowed traffic is by using a Syslog server. I deployed Manage Engine Event Log Analyzer which works great to now see all traffic, not just the denied. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.