Meraki

Community

HIDE PUBLIC IP ADDRESS ON NETWORK USERS

Prince
Here to help
yesterday
yesterday

HIDE PUBLIC IP ADDRESS ON NETWORK USERS

Hi Everyone,

 

Just want to ask if there is a way to block/hide our public IP address (ISP IP address) from the users of our network?  By searching "what's my IP?", there are sites that could identify our public IP.  Using a speedtest also shows our IP address.  We sometimes had guests that connect to our network.

 

My concern is that if they know our Public IP they could leak this information intentionally or unintentionally and could be used for cyber attacks.

 

Thanks in advance.

0 Kudos
5 Replies 5
ConnorL
Meraki Employee
Meraki Employee
14 hours ago
14 hours ago

The only way to "mask" your public IP would be to tunnel all your traffic to another endpoint, either by utilising an AutoVPN or Non-Meraki VPN connection to another node, or a third-party solution such as Umbrella SIG or ZScaler SWG

 

The public IP shown would then be that of the exit node of said tunnel/end-point, rather than the IP of your MX/router. Note you'll likely have a reduced overall throughput due to the overhead of a VPN connection.

TyShawn
A model citizen
11 hours ago
11 hours ago

Silly question but what information could be leaked by knowing your public IP? 

0 Kudos
MartinS
Building a reputation
11 hours ago
11 hours ago

Not a fan of 'security by obscurity' here - I would suggest that if knowing a public IP causes you a security problem, you need to address that security problem

---
COO
Highlight - Service Observability Platform
www.highlight.net
GreenMan
Meraki Employee
Meraki Employee
9 hours ago
9 hours ago

Have to say;   I'm with MartinS on this;   the bad guys will find you, wherever you are;   key is to make sure your door is locked and bolted.

double_virgule
Getting noticed
6 hours ago
6 hours ago

I agree with everyone here, with one caveat: There is a reason that the TOR browser exists. It masks your traffic by throwing it out a bunch of different endpoints at random. 

 

The use case that this user is describing specifically (their users looking up their public IP and sharing it with a threat actor) would not be prevented by changing or masking the public IP, but if they have a specific need to prevent the traffic they are shipping from being associated with a specific IP, that would be a different conversation. 

 

@Prince - Your users will always be able to see their public IP through some means, no matter what content filtering or masking you put in place. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.