Meraki

Community

How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

CHAadmin
Getting noticed
‎Feb 8 2024 12:19 PM
‎Feb 8 2024 12:19 PM

How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

We recently (with some help from a network consultant) created a DMZ for our facilities LAN by defining it on the MX 250, then adding a few firewall rules.

 

Can we create a Client VPN that only allows access to that VLAN?

Labels:
0 Kudos
2 Replies 2
Ryan_Miles
Meraki Employee
Meraki Employee
‎Feb 8 2024 12:58 PM
‎Feb 8 2024 12:58 PM

The layer 3 firewall rules apply to the VPN subnet.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 11 2024 11:28 AM
‎Feb 11 2024 11:28 AM

If this is using the Microsoft VPN client, you can also create a group policy (in the Meraki Dashboard, and create firewall rules in it) and apply it to the client VPN users.

 

If you use RADIUS to authenticate the client you can also pass back a Meraki group policy to apply to the use with the Filter-Id RADIUS attribute.  The below article is for MR - but it is the same for client VPN on the MX.

https://documentation.meraki.com/MR/Group_Policies_and_Block_Lists/Using_RADIUS_Attributes_to_Apply_... 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.