Meraki

Community

Content Filtering

RahulPrasadh
Getting noticed
a week ago
a week ago

Content Filtering

We want one of the websites to be allowed, I have added the URL to allow list in content filtering also added to outbound firewall policy. While checking in appliance status able to ping from default but unable to ping from management VLAN's how to resolve this issue?

Labels:
0 Kudos
3 Replies 3
RaphaelL
Kind of a big deal
Kind of a big deal
a week ago
a week ago

Hi ,

 

You are mixing 2 things.  Content filtering applies to web traffic ( HTTP/HTTPS ) , while PING is based on ICMP. 

 

Make sure you are allowing ICMP from your management vlan.

In response to RaphaelL
RahulPrasadh
Getting noticed
a week ago
a week ago

When we try directly from Meraki network the site is getting blocked even though the URL is whitelisted in content filtering also added in outbound firewall policy.

0 Kudos
Caleb-Engle
Meraki Employee
Meraki Employee
Friday
Friday

Hi @RahulPrasadh,

 

As @RaphaelL mentioned, pings should not be used to test whether a content filtering rule is working as intended as content filtering does not apply to ICMP traffic.

 

That being said, if an allow-listed URL is still being blocked, then there are three likely possibilities:

  1. The content filtering configuration is incorrect or insufficient.
  2. Something else on the MX is blocking the traffic.
  3. The traffic is blocked/dropped somewhere else before or after the traffic is processed by the MX.

 

To determine which possibility is occurring, I would first recommend checking whether the traffic is in fact being blocked by content filtering, which can be done by navigating to Network-wide > Event log and filtering for the affected client, setting the appropriate time, and including the Event type Content filtering blocked URL. If you see entries for a URL that are related to the resource the client is attempting to reach, then ensure they have been properly added to the Content filtering Allow list.

 

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering/Conten...

 

If the traffic is not being blocked by content filtering, I would recommend checking any layer 3 and layer 7 firewall rules. If your MX is running version 18.2+, you can use the firewall logging tool to see in real time if any configured rules are traffic.

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Firewall_Logging

---------------
If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.