Meraki

Community

How to create an 'allow' & 'block' rule for all TCP requests

rhamersley
Getting noticed
‎Sep 18 2023 6:53 AM
‎Sep 18 2023 6:53 AM

How to create an 'allow' & 'block' rule for all TCP requests

To enhance the security for out company and protect against potential egress vulnerabilities,  How can I perform the following...

 

* Create an 'allow' rule for all TCP requests, permitting communication only with our companies internal IP addresses.

 

Also...

 

* Create a 'block' rule for all TCP requests to external public IP addresses.

Labels:
0 Kudos
1 Reply 1
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 18 2023 7:06 AM
‎Sep 18 2023 7:06 AM

Just like any firewall, you must place the most specific rules at the top, that is, you must create rules allowing everything you want and at the end you create a deny any any rule.

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Using_Layer_3_Firewal...

 

I also suggest that you carry out all tests in an homologation environment before applying it to the production environment.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.