- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Firewall Nat "Allowed Remote IPs" domain name?
Annoying situation. We have a vendor who's cloud endpoint reaches into our on premises server (their software) via a public IP:Port with all connections blocked except their IPs. They recently changed cloud configuration and now want us to use a DNS record for this allow. As far as I can tell I can only use IPs in the "Allowed Remote IPs" section of the NAT port forwarding rules.
I figured I'd just look up the records for that host name, and allow those. Even just a day later their servers have changed a few IP addresses.
Is there any way to allow only that specific DNS domain to that port? If I do put the FQDN into that box, the settings will save without error, but the list is not used.
Solved! Go to solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi ,
According to https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX it doesn't seem to be supported.
You could leverage the API to run a script hourly to do a DNS resolution and update the firewall / NAT rules. Not ideal but I don't think you have other options.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi ,
According to https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX it doesn't seem to be supported.
You could leverage the API to run a script hourly to do a DNS resolution and update the firewall / NAT rules. Not ideal but I don't think you have other options.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks. That's pretty much what I was thinking. I know a lot of their customers are in our same sector and many of them use Meraki gear, so it seems so odd to me that they would force this change through.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Site to site VPN?
