
Firewall - Outbound rules

Getting noticed


Hello!

Can you tell me:

If you create a rule with Source 192.168.0.0/24 and Destination 192.168.20.1/32, does it apply in both directions or only from src to dst?

Or do I need to create a second rule in which source 192.168.20.1/32 sends packets to network 192.168.0.0/24?

Thank you

Conversationalist

Re: Firewall - Outbound rules

Hi!

Rules seem to only work one way on my firewall, blocking everything from outside as a standard.
Kind of a big deal

Re: Firewall - Outbound rules

Yes, only 1 way. But almost no traffic/session works without two-way communication. To be sure, you can make rules for both sites/subnets.

Getting noticed

Re: Firewall - Outbound rules

So if I want the network to see the device and the device to see the network, I need to create two rules?

 

First Rule: Source 192.168.0.0/24 Destination 192.168.20.20/32

Second Rule: Source 192.168.20.20/32 Destination 192.168.0.0/24

 

And it doesn't matter if it's traffic between VLANs?

Am I right? It's like a standard firewall in iptables, etc.

Conversationalist

Re: Firewall - Outbound rules

Rules: yes! 😄

And no, different VLANs will not matter, as the firewall rule states that the VLANs can talk to each other.

I don't think you'll be able to "see" the devices automatically, as that is usually done with an ARP request (if you use a LAN scanner or something like that). But you will be able to directly ping the device on the other subnet.
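
An added example, not part of the thread and not Meraki's implementation: a minimal model of first-match, directional rules using the addresses discussed above, showing when the reverse rule is needed. It assumes a default deny and tracks flows by address pair only (no ports or protocol); the `Firewall` class and `ping` helper are hypothetical names.

```python
import ipaddress

# Constructed rule sets built from the thread's addresses. First match wins;
# the trailing deny-all is an assumption of this model.
ONE_WAY = [
    ("allow", "192.168.0.0/24", "192.168.20.20/32"),
    ("deny", "0.0.0.0/0", "0.0.0.0/0"),
]
BOTH_WAYS = [("allow", "192.168.20.20/32", "192.168.0.0/24")] + ONE_WAY

def match(rules, src, dst):
    """Return the action of the first rule whose source AND destination match."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst in rules:
        if s in ipaddress.ip_network(rule_src) and d in ipaddress.ip_network(rule_dst):
            return action
    return "deny"

class Firewall:
    def __init__(self, rules, stateful):
        self.rules = rules
        self.stateful = stateful
        self.flows = set()  # (src, dst) pairs opened by an allowed packet

    def packet(self, src, dst):
        # Stateful mode: the reverse of a tracked flow is treated as a reply
        # and passes without consulting the rule list.
        if self.stateful and (dst, src) in self.flows:
            return "allow"
        action = match(self.rules, src, dst)
        if action == "allow" and self.stateful:
            self.flows.add((src, dst))
        return action

def ping(fw, a, b):
    """A ping works only if the request a->b and the reply b->a both pass."""
    return fw.packet(a, b) == "allow" and fw.packet(b, a) == "allow"

if __name__ == "__main__":
    host, dev = "192.168.0.10", "192.168.20.20"
    print("stateless, one rule :", ping(Firewall(ONE_WAY, False), host, dev))
    print("stateful, one rule  :", ping(Firewall(ONE_WAY, True), host, dev))
    print("stateful, dev starts:", ping(Firewall(ONE_WAY, True), dev, host))
    print("stateless, two rules:", ping(Firewall(BOTH_WAYS, False), dev, host))
```

Whether a single rule is enough depends on whether the device tracks connection state, so check the firewall's documentation before relying on either behaviour.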