Facing issue using Group Policies

V_007
Conversationalist

Facing issue using Group Policies

HI All,

 

Unable to access Anydesk and Ultraviewer if i add my user in Normal group policy, where if i move to full internet Group  policy all things are accessible.

 

Can anyone help me how to rectify this issue.

 

 

9 REPLIES 9
alemabrahao
Kind of a big deal
Kind of a big deal

Can you show your group policy configuration?

V_007
Conversationalist

Attach is the Full internet group policy. Whereas Normal group policy is the default one that every Meraki device has preconfigured.

 

V_007_0-1679329905572.png

 

alemabrahao
Kind of a big deal
Kind of a big deal

What version are you running? On version 17.x the MX uses Cisco Talos intelligence before that It uses Brightcloud.

 

Have you tried adding the URL on the Allow list URL?

V_007
Conversationalist

Hi Alemabrahao,

 

Yes i have tried adding the url in allow list but still not accessbile. Version im running is 17.10.2

alemabrahao
Kind of a big deal
Kind of a big deal

I suggest you to upgrade for version 17.10.4

V_007
Conversationalist

Do you have any document which says 17.10.4 resolves such problem.

alemabrahao
Kind of a big deal
Kind of a big deal

The release notes don't mention anything, but I already saw some issues in version 17.10.2 that were resolved with the update.

PhilipDAth
Kind of a big deal
Kind of a big deal

Anything in Network-work Wide/Events for the MX showing anything being blocked (usually by L7 firewall rules)?

Anything in Security & SD-WAN/Security/Events, show anything being blocked?

 

You could try getting a list of DNS entries these two are accessing.  If you can't get that from the supplier easily, do a packet capture on udp/53, reboot the device and then access what you are interested in.  Note the DNS queries made in the packet capture.

 

Then go into Security & SW-WAN into content filtering and use the tool to lookup DNS names to find what category they are in - something is probably in a blocked category.

 

V_007
Conversationalist

Hi PhilipDAth,

 

There's no log in Meraki Events showing that particular content is getting blocked. Regarding packet capture i have taken but not finding any way how to read it and find out the root cause. Can you help me here.

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels