Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Finding source of Content filtering hits in a core switch routed enviornment

CaptainBeRad
Here to help
‎Mar 9 2022 7:41 AM
‎Mar 9 2022 7:41 AM

Finding source of Content filtering hits in a core switch routed enviornment

Hello,

 

I have a setup where the core switches are the default gateways for many of the VLAN's in our environment. Then we have a transit stub network to connect all of those VLANs to the MX firewalls. The problem I see here is when things hit the content filter the source mac/ip is the interface on the transit VLAN. It's tough to find the device where the traffic has originated from. Anyone have any good methods for this?

 

-Brad 

0 Kudos
Subscribe
4 Replies 4
Ryan_Miles
Meraki Employee
Meraki Employee
‎Mar 9 2022 7:50 AM
‎Mar 9 2022 7:50 AM

Did you change the MX client tracking mode? https://documentation.meraki.com/MX/Networks_and_Routing/MX_Addressing_and_VLANs#Client_tracking

0 Kudos
Subscribe
CaptainBeRad
Here to help
‎Mar 9 2022 8:06 AM
‎Mar 9 2022 8:06 AM

@Ryan_Miles I did change it, we're on the cusp of a code upgrade. I think it's supposed to happen this weekend. The environment is Meraki top to bottom, so it's AP's, switches, and FW's all meraki. I have client tracking set to "Unique Client Identifier" but it has a little "Beta" text next to it. It doesn't seem to work really well so far. I have a lot of client tracking problems where the clients are showing discovered on switch uplink ports instead of their wired port in a stack downstream. I also see the issue in the original post a lot. 

0 Kudos
Subscribe
In response to CaptainBeRad
CaptainBeRad
Here to help
‎Mar 9 2022 8:11 AM
‎Mar 9 2022 8:11 AM

Also of note here is the IP address option is ghosted out for some reason

0 Kudos
Subscribe
In response to CaptainBeRad
PaulMcG
Getting noticed
‎Mar 9 2022 11:02 AM
‎Mar 9 2022 11:02 AM

Track by IP is not supported in a combined network.  You would need to split up the network if you want to try it.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.