Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

CHAadmin
Getting noticed
‎Feb 8 2024 12:19 PM
‎Feb 8 2024 12:19 PM

How to configure Client VPN with Meraki Cloud Auth to only be able to access certain subnet?

We recently (with some help from a network consultant) created a DMZ for our facilities LAN by defining it on the MX 250, then adding a few firewall rules.

 

Can we create a Client VPN that only allows access to that VLAN?

Labels:
0 Kudos
Subscribe
2 Replies 2
Ryan_Miles
Meraki Employee
Meraki Employee
‎Feb 8 2024 12:58 PM
‎Feb 8 2024 12:58 PM

The layer 3 firewall rules apply to the VPN subnet.

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 11 2024 11:28 AM
‎Feb 11 2024 11:28 AM

If this is using the Microsoft VPN client, you can also create a group policy (in the Meraki Dashboard, and create firewall rules in it) and apply it to the client VPN users.

 

If you use RADIUS to authenticate the client you can also pass back a Meraki group policy to apply to the use with the Filter-Id RADIUS attribute.  The below article is for MR - but it is the same for client VPN on the MX.

https://documentation.meraki.com/MR/Group_Policies_and_Block_Lists/Using_RADIUS_Attributes_to_Apply_... 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.