Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Gateway in other VLAN pingable

braham2019
Here to help
‎Nov 22 2019 5:37 AM
‎Nov 22 2019 5:37 AM

Gateway in other VLAN pingable

I have firewalled off a VLAN behind an MX65 and have create a FW rule to block ALL traffic from that VLAN to the other 3.

I cannot ping a host in the other networks. However, I can ping all the default gateways from those networks. Is that normal behaviour ?

 

 

0 Kudos
Subscribe
1 Reply 1
NolanHerring
Kind of a big deal
‎Nov 22 2019 6:45 AM
‎Nov 22 2019 6:45 AM

Yes that is normal, however I wish by default it would also block pings. I believe you have to create a specific ACL to also block ICMP, based on these other threads.

https://community.meraki.com/t5/Security-SD-WAN/How-to-segregate-VLANS/m-p/32991

https://community.meraki.com/t5/Security-SD-WAN/Prevent-inter-VLAN-routing-on-MX/m-p/1437

https://community.meraki.com/t5/Security-SD-WAN/MX-Firewall/td-p/20426
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.