- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forbidden 403
Hello,
I have a client that is using Laser app at https://www.laserapp.com/
However, when he's connected to the Meraki client VPN, it gives a 403 forbidden error intermittently.
I've checked the firewall rules, added the specific site in content filtering and checked the separate VPN firewall too.
Nothing is set to block anything but it only occurs when he's connected to the Meraki network (it doesnt have to be a VPN, he can be in the Meraki LAN and still see this).
Any insights on this matter?
Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@TLO3346 : Can you show me Layer 3 and Layer 7 Firewall rules ?
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Layer 3 is just Any Any
This is Layer 7
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @TLO3346 - did you get any further with this one?
A PING out to laserapp.com resolves to 18.210.183.211 so your L7 country firewall rule isn't being hit. Neither are the remote IP ranges that i can see that you have configured.
What does a packet capture show when you try to reach the url?
https://www.linkedin.com/in/darrenoconnor/
I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i saw two A records with the IP for this domain and yes i dont see any remote IP ranges configured as well with these two IP range.
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
I found out that if you try to connect to the site too many times in a certain time period, the site initiates the Forbidden.
So not Meraki's fault. Grr..
Thanks to everyone looking into it regardless...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@TLO3346 : Really ? Hope you restored
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com