Google Hangouts Meet Outbound Rules in Firewall

SOLVED
ICSU
Conversationalist

Google Hangouts Meet Outbound Rules in Firewall

Hello, 

We are a K-12 school using Google Suite for Education.

To optimize Google Hangouts Meet video conferencing, Google has recommended the following:

 

https://support.google.com/a/answer/7582935?hl=enhttps://support.google.com/a/answer/7582935?hl=en 

 

and this too: 

 

https://support.google.com/a/answer/1279090?hl=en&ref_topic=7582344https://support.google.com/a/answer/1279090?hl=en&ref_topic=7582344

 

So I set up the Firewall with the following settings:

 

Screen Shot 2019-02-04 at 6.38.13 PM.png

 

According to Google's recommendation for Google Hangouts Meet, are the Outbound rules above set up correctly?

 

I looked through the other Google recommendations for optimizing Hangouts Meet and configured them correctly. 

 

Thank you for your help!

Blessings,

1 ACCEPTED SOLUTION
jbhehoman
Here to help

Based on the information you gathered and assuming you need the rules because you're blocking other traffic later in the ruleset, you'd need two rules. Both with a destination IP of 74.125.250.0/24. One for TCP with destination ports 443 and another for UDP with destination ports 443, 19302,19303, ...19309. 

View solution in original post

7 REPLIES 7
AjitKumar
Head in the Cloud

Hi,

This seems fine to me.

Hope you have allowed 443 and 80 (if required) for other services and general browsing.

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
MarcP
Kind of a big deal

Should work, as set up... did you try?

BrandonS
Kind of a big deal

This shouldn't be needed at all unless you are blocking outbound traffic with higher priority rules.  It does not appear that way from your screenshot.

 

At default, Meraki will allow all traffic to flow.

- Ex community all-star (⌐⊙_⊙)
PhilipDAth
Kind of a big deal
Kind of a big deal

I read it differently - you have specified the ports as "source" ports for the outbound rule - I think they should be the destination ports.

 

However - do you have a rule that blocks traffic?  If there are no rules blocking traffic then you don't need to add extra rules to allow this traffic.

 

Also you could also be blocking the traffic using content filtering rules.

jbhehoman
Here to help

Based on the information you gathered and assuming you need the rules because you're blocking other traffic later in the ruleset, you'd need two rules. Both with a destination IP of 74.125.250.0/24. One for TCP with destination ports 443 and another for UDP with destination ports 443, 19302,19303, ...19309. 

ICSU
Conversationalist

Thank you all for your comments and recommendations!

There are some firewall rules configured by our vendor, so my goal is to optimize traffic for Hangouts Meet for the school. Perhaps adding the outbound rules may help.

I have set up the rules based on @jbhehoman recommendation and will test out the traffic once our Lunar New Year break has ended this week.

Thank you for help!

Blessings,

 

rqbillo
Conversationalist

Hi ICSU

Interesting post

I was wondering if it works the rules you applied. Did you see any improvement?

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels