Meraki Community

AndreaBagliano · ‎Dec 1 2020

Related devices: MX100

I have an MX100 with 2 networks:

192.168.40.0/40 on port 3 VLAN 1 of MX100

192.168.50.0/24 on port 5 VLAN 10 of MX100

Suppose we have 2:

host A (connected to port 3)

host B (connected to port 5)

I want to block traffic when HOST B communicates with HOST A but allow traffic when HOST A communicates to HOST B, in other words I would like that is permitted the connection only if is started from HOST A to Host B then:

A trying to ping B should get reply.

B trying to ping A should fail

There is a way to activate this policy

Thaks in advance

kYutobi · ‎Dec 1 2020

Check this out. Hope it helps.

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

Enthusiast

View solution in original post

kYutobi · ‎Dec 1 2020

Check this out. Hope it helps.

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

Enthusiast

PhilipDAth · ‎Dec 1 2020

Host-based group policy is not stateful - so you can not use that.

You would need to give the hosts a static IP address (could be a DHCP reservation) and use standard L3 firewall rules to accomplish this.

Meraki Community

Group policy across networks

Group policy across networks