Scenario: We have one machine on a dedicated VLAN/Subnet that we don't want accessing the internet.
What would be the best Meraki approach for denying internet access f but allowing it to access remote and local subnets.
Client is connected to a switch.
Yeah @PhilipDAth I wanted to delete the post but couldn't work out how.
As said above the scenario is: We have 1 OT machine in our factory on its own subnet, for the example we can call it OT Wired Data. We use direct internet(NBN) and MPLS on our MX65.
We only want this OT PC to access internal local/remote subnets and restrict internet access to teamviewer.com only.
Restrict internet access but allow access to remote subnets?
Go to security & SDWAN -> Configure -> Firewall.
Where xxx.xxx.xxx.xxx/xx is your OT Wired Data Subnet.
The outcome is the subnet will chat with internet remote/local subnets but only be allowed to access TeamViewer over the internet.
What we haven't solved is controlling what access our remote sites have to the OT machine through the concentrator.
OT = Operational Technology.