Meraki

hamidsattar

Hello,

I have following LAN networks.

LAN1 >>> Vlan1 >>> 192.168.128.0/24

LAN2 >>> Vlan10 >>> 10.10.10.0/24

LAN3 >>>Vlan200 >>> 192.168.200.0/24

I want to block LAN1 and LAN2 to access LAN3. I created rules under outbound rules but they are not working. Please check Attached screenshots.

I think I am doing something wrong. Because when I ping from Vlan1 and Vlan10 it still works.

Please let me know what I am missing.

Thanks in Advance

DarrenOC

Hi @hamidsattar , have you tried running the same ping from a device on the network as a simulated ping from the mx won’t get blocked as shown in your screenshots.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

PhilipDAth

Your firewall rules look correct - but they don't get applied to traffic generated from the MX itself. You'll need to test with actual devices plugged into those VLANs.

hamidsattar

Hello Philip,

It's still not working. I tried from actual device and I can ping 192.168.200.1

PhilipDAth

Your screenshot shows that 192.168.200.1 is the MX. Remember - the MX is excluded from the firewall rules.

You have to ping from another device to a different device (something that is not the MX).

hamidsattar

Hi,

Thank for the info, I will test it out and let you know the results.

Meraki

Community

How to block Inter-Vlan Routing Cisco Meraki MX64

How to block Inter-Vlan Routing Cisco Meraki MX64