Fortigate to Meraki... Box to Box Migration

Solved
Mahadevan
Conversationalist


A customer bought a Meraki MX84 and wants to migrate the existing Fortigate users to the new box. Need clarification on the points below. Please share your insights, fellows.

1) Where to check live logs for troubleshooting? - In the event log a content-based filter is available, but not a source- and destination-based one.

2) MAC-based authentication possible?

3) Does it support LDAP authentication?

1 Accepted Solution (CptnCrnch's reply below)

8 Replies
Nash
Kind of a big deal

1) You can send syslogs to a syslog server. Here's an example of the supported events: https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Event_Types...

2) When you say MAC-based authentication, do you mean 802.1X on the ports? If so, no, not on an MX84. (https://documentation.meraki.com/MX/Access_Control_and_Splash_Page/MX_Access_Policies_(802.1X))

3) What do you want to authenticate? Client VPN supports RADIUS or Active Directory. (I prefer RADIUS via NPS in an AD environment... simpler.) Or you can use SAML for authenticating administrators.
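The original poster's gap is a source/destination filter for the firewall logs. Since, as the replies say, the only place those logs land is an external syslog server, the filtering has to happen there. The following is an added example, not code from this thread or from Meraki: a small parser for MX "flows" syslog lines that lets you ask "what did this host talk to" and "which denied connections targeted this host". The sample lines are constructed, and the exact field layout (epoch timestamp, device name, event type, key=value fields, then `pattern:` and the matched rule) is an assumption modelled on the documented MX syslog event types; check it against the lines your own MX emits before relying on it.

```python
import re
from dataclasses import dataclass
from typing import Iterator, List, Optional

# Constructed sample syslog lines (not captured from a real device). The layout is
# an assumption based on the MX "flows" and "urls" event types; adjust FLOW_RE if
# your device's lines differ.
SAMPLE_SYSLOG = """\
1540000001.123 MX84 flows src=10.10.1.25 dst=93.184.216.34 mac=AA:BB:CC:DD:EE:01 protocol=tcp sport=51512 dport=443 pattern: allow all
1540000002.456 MX84 flows src=10.10.1.40 dst=10.10.1.25 mac=AA:BB:CC:DD:EE:02 protocol=tcp sport=40011 dport=22 pattern: deny all
1540000003.789 MX84 flows src=10.10.1.25 dst=8.8.8.8 mac=AA:BB:CC:DD:EE:01 protocol=udp sport=53012 dport=53 pattern: allow all
1540000004.012 MX84 urls src=10.10.1.25:51512 dst=93.184.216.34:443 mac=AA:BB:CC:DD:EE:01 request: GET https://example.com/
1540000005.345 MX84 flows src=10.10.1.77 dst=10.10.1.25 mac=AA:BB:CC:DD:EE:03 protocol=tcp sport=40999 dport=3389 pattern: deny all
"""

# Only "flows" events carry the src/dst/port tuple plus the rule verdict.
FLOW_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<device>\S+)\s+flows\s+(?P<fields>.*?)\s+pattern:\s+(?P<pattern>.*)$"
)


@dataclass
class Flow:
    ts: float
    device: str
    src: str
    dst: str
    mac: str
    protocol: str
    sport: Optional[int]
    dport: Optional[int]
    pattern: str  # the matched rule text, e.g. "allow all" or "deny all"

    @property
    def denied(self) -> bool:
        return self.pattern.lower().startswith("deny")


def parse_flows(text: str) -> Iterator[Flow]:
    """Yield one Flow per 'flows' line; other event types (urls, ids-alerts, ...) are skipped."""
    for line in text.splitlines():
        m = FLOW_RE.match(line)
        if not m:
            continue
        kv = dict(f.split("=", 1) for f in m.group("fields").split() if "=" in f)
        yield Flow(
            ts=float(m.group("ts")),
            device=m.group("device"),
            src=kv.get("src", ""),
            dst=kv.get("dst", ""),
            mac=kv.get("mac", ""),
            protocol=kv.get("protocol", ""),
            sport=int(kv["sport"]) if "sport" in kv else None,
            dport=int(kv["dport"]) if "dport" in kv else None,
            pattern=m.group("pattern"),
        )


def filter_flows(text: str, src: Optional[str] = None, dst: Optional[str] = None,
                 dport: Optional[int] = None, denied_only: bool = False) -> List[Flow]:
    """The source/destination filter the event log lacks: every criterion given must match."""
    out = []
    for fl in parse_flows(text):
        if src is not None and fl.src != src:
            continue
        if dst is not None and fl.dst != dst:
            continue
        if dport is not None and fl.dport != dport:
            continue
        if denied_only and not fl.denied:
            continue
        out.append(fl)
    return out


if __name__ == "__main__":
    # Troubleshooting view: what did 10.10.1.25 reach, and who was blocked trying to reach it?
    for fl in filter_flows(SAMPLE_SYSLOG, src="10.10.1.25"):
        print(f"{fl.src} -> {fl.dst}:{fl.dport}/{fl.protocol}  [{fl.pattern}]")
    for fl in filter_flows(SAMPLE_SYSLOG, dst="10.10.1.25", denied_only=True):
        print(f"DENIED {fl.src} -> {fl.dst}:{fl.dport}/{fl.protocol} (mac {fl.mac})")
```

Point a real syslog receiver's output file at `filter_flows` (read the file, pass its contents) and the same calls give the per-host view the dashboard event log does not. The `urls` line in the sample is deliberately ignored: it is useful for content questions, but it is the `flows` verdicts that answer "was this connection allowed or denied".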

Mahadevan
Conversationalist

Thanks for the reply.

> 1) You can send syslogs to a syslog server. Here's an example of the supported

Not with external syslog. How to check in the cloud console??

> 2) When you say mac-based authentication, do you mean 802.1x on the ports? If so, no, not on an MX84.

Nope. Can I add MAC addresses in the local database?? Similar to other UTM firewalls..
CptnCrnch
Kind of a big deal

> How to check in cloud console ??

Firewall logs will not be uploaded to the cloud, so the only chance is the local syslog server.

> Nope. Can I add MAC address in local database ?? Similar to other UTM firewall..

No, and why would you do that? MAC spoofing is a piece of cake, so from a security point of view, proper authentication is the way to go here.

Mahadevan
Conversationalist

Thanks, man.

Nash
Kind of a big deal

To check events in the cloud console, you go to Network -> Event Log.

Meraki firewalls are beginning to offer HTTPS packet inspection in a beta version of the firmware, but the performance hit is significant. AMP offers malware detection over HTTP by default, and you can use the baked-in content filtering.

I will note that I am generally really NOT a fan of HTTPS packet inspection. We encrypt stuff for a reason.

Mahadevan
Conversationalist

Thanks Nash

PhilipDAth
Kind of a big deal

> MAC based authentication possible ?

Meraki group policies are based on MAC addresses, so in this sense, yes.

Also, if you use a splash page for authentication, then that client authentication is done based on their MAC address.

Nicholas183
Comes here often

Hi Philip,

> Meraki group policies are based on MAC addresses, so in this sense, yes.
>
> Also if you use a splash page for authentication then that client authentication is done based on their MAC address.

How can I configure it on the Meraki Dashboard?

Nicholas
