How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

CHAadmin
Getting noticed

How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

We recently (with some help from a network consultant) created a DMZ for our facilities LAN by defining it on the MX 250, then adding a few firewall rules.

 

Can we create a Client VPN that only allows access to that VLAN?

2 Replies 2
Ryan_Miles
Meraki Employee
Meraki Employee

The layer 3 firewall rules apply to the VPN subnet.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal

If this is using the Microsoft VPN client, you can also create a group policy (in the Meraki Dashboard, and create firewall rules in it) and apply it to the client VPN users.

 

If you use RADIUS to authenticate the client you can also pass back a Meraki group policy to apply to the use with the Filter-Id RADIUS attribute.  The below article is for MR - but it is the same for client VPN on the MX.

https://documentation.meraki.com/MR/Group_Policies_and_Block_Lists/Using_RADIUS_Attributes_to_Apply_... 

Get notified when there are additional replies to this discussion.