Meraki

Community

Group Policy - Layer 3 Firewall Logging?

Crocker
A model citizen
‎Apr 12 2021 8:35 AM
‎Apr 12 2021 8:35 AM

Group Policy - Layer 3 Firewall Logging?

I've got several group policies that are intended to act as an equivalent to Cisco ACL's, assigned to specific VLANS. For example, a policy governing what is/isn't allowed out of the management VLAN at a given site. The rules appear to work as intended.

 

Is there any way to enable logging to see what traffic the group policy firewall is blocking?

 

 

0 Kudos
2 Replies 2
Inderdeep
Kind of a big deal
Kind of a big deal
‎Apr 12 2021 9:02 AM
‎Apr 12 2021 9:02 AM

@Crocker Have a look on the below document showing about the group policies 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

 

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering/Conten... 

 

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Apr 12 2021 10:55 AM
‎Apr 12 2021 10:55 AM

If you are referring to L3/L4 firewall logging it will actually mention it in each line.

So if you enable a syslog server on your network and point the Meraki network to it, you can choose to add the "flow" logs.  Then each firewall rule will have a box to enable or disable logging for that specific rule.

These will be included.

 

But what about group policies?
They are logged by default and the syslog message will actually say: allowed due to group policy.
It will however not mention what rule it matches though.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.