Group Policy - Layer 3 Firewall Logging?

Crocker
Building a reputation

I've got several group policies that are intended to act as an equivalent to Cisco ACLs, assigned to specific VLANs. For example, a policy governing what is/isn't allowed out of the management VLAN at a given site. The rules appear to work as intended.

Is there any way to enable logging to see what traffic the group policy firewall is blocking?

Inderdeep
Kind of a big deal

@Crocker Have a look at the documents below about group policies:

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering/Conten...

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
GIdenJoe
Kind of a big deal

If you are referring to L3/L4 firewall logging it will actually mention it in each line.

So if you enable a syslog server on your network and point the Meraki network to it, you can choose to add the "flow" logs. Then each firewall rule will have a box to enable or disable logging for that specific rule.

These will be included.

But what about group policies?
They are logged by default and the syslog message will actually say: allowed due to group policy.
It will however not mention what rule it matches though.
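
Since the syslog message does not name the matching rule, one way to work backwards is to tally the group-policy flow lines by source, destination, protocol and destination port and compare the tallies against the policy's rules. The Python below is an added example, not part of this thread or of Meraki's tooling; the line layout and the sample lines are constructed assumptions, and only the phrase "allowed due to group policy" is taken from the reply above.

```python
import re
from collections import Counter

# Constructed sample lines, not captured from a device. ASSUMPTION: each flow
# line is "<timestamp> <device> flows key=value ... pattern: <verdict text>".
SAMPLE_LINES = [
    "1700000000.10 MX_site1 flows src=10.10.50.12 dst=192.0.2.10 protocol=tcp sport=51000 dport=443 pattern: allowed due to group policy",
    "1700000001.20 MX_site1 flows src=10.10.50.12 dst=192.0.2.10 protocol=tcp sport=51001 dport=443 pattern: allowed due to group policy",
    "1700000002.30 MX_site1 flows src=10.10.50.40 dst=198.51.100.7 protocol=udp sport=40000 dport=53 pattern: allow all",
    "1700000003.40 MX_site1 flows src=10.10.50.13 dst=203.0.113.5 protocol=udp sport=40001 dport=123 pattern: allowed due to group policy",
    "1700000004.50 MX_site1 events dhcp lease of ip 10.10.50.12",
    "truncated flows src=10.10.50.99",
]

KV = re.compile(r"(\w+)=(\S+)")
GROUP_POLICY = re.compile(r"group policy", re.IGNORECASE)


def parse_flow(line):
    """Return a dict for a flow line, or None for other or malformed lines."""
    head, sep, verdict = line.partition(" pattern: ")
    if not sep or " flows " not in head:
        return None
    fields = dict(KV.findall(head))
    if not {"src", "dst", "protocol"} <= fields.keys():
        return None
    fields["verdict"] = verdict.strip()
    return fields


def group_policy_flows(lines):
    """Keep only flows whose verdict text mentions a group policy."""
    flows = (parse_flow(line) for line in lines)
    return [f for f in flows if f and GROUP_POLICY.search(f["verdict"])]


def summarize(flows):
    """Count flows per (src, dst, protocol, dport); the ephemeral sport is dropped."""
    return Counter(
        (f["src"], f["dst"], f["protocol"], f.get("dport", "-")) for f in flows
    )


if __name__ == "__main__":
    for key, count in summarize(group_policy_flows(SAMPLE_LINES)).most_common():
        print(count, *key)
```
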
