Meraki

Community

How to see source ip and destination ip traffic

Solved
AD01
Conversationalist
‎Apr 3 2022 10:23 PM
‎Apr 3 2022 10:23 PM

How to see source ip and destination ip traffic

Hi fellow net admins!

Just wanting to know if there is this page to see the source IP and destination IP that being passed or blocked?

If so, where do we see that?

 

br,

-AD

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 4 2022 12:52 AM
‎Apr 4 2022 12:52 AM

Packet capture is your best friend to see what is being allowed.

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overvi... 

 

Amazingly, Meraki is the only firewall product I know of that doesn't have an easy way to see what traffic is being blocked.  You have to use syslog.

 

I'm been contemplating writing a syslog "server" in Python, purely to provide an easy way to be able to have something I can start on my computer to watch for short periods of time what is being blocked or allowed.

View solution in original post

6 Replies 6
MarcP
Kind of a big deal
‎Apr 3 2022 10:28 PM
‎Apr 3 2022 10:28 PM

you mean one of the following?

Before you need to go to network - generel and select "detailed traffic analyse"

 

Network - Traffic analyses

network - packet capture

clients detail page

0 Kudos
In response to MarcP
AD01
Conversationalist
‎Apr 4 2022 3:01 PM
‎Apr 4 2022 3:01 PM

Hi MarcP, thanks for the response. yeah, that's good, it give you somehow general apps/traffic visibility. Not exactly like Palos for e.g., when you're trying to look for src IP and dst IP.  A simple and straightforward visibility.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 4 2022 12:52 AM
‎Apr 4 2022 12:52 AM

Packet capture is your best friend to see what is being allowed.

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overvi... 

 

Amazingly, Meraki is the only firewall product I know of that doesn't have an easy way to see what traffic is being blocked.  You have to use syslog.

 

I'm been contemplating writing a syslog "server" in Python, purely to provide an easy way to be able to have something I can start on my computer to watch for short periods of time what is being blocked or allowed.

In response to PhilipDAth
rhbirkelund
Kind of a big deal
Kind of a big deal
‎Apr 4 2022 3:21 AM
‎Apr 4 2022 3:21 AM

@PhilipDAth wrote:
..

I'm been contemplating writing a syslog "server" in Python, purely to provide an easy way to be able to have something I can start on my computer to watch for short periods of time what is being blocked or allowed.

Something liket this? - https://gist.github.com/marcelom/4218010

 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
In response to rhbirkelund
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 4 2022 12:32 PM
‎Apr 4 2022 12:32 PM

That is excellent!  I'll take a closer look and see how I can make it more useful for firewalling.

0 Kudos
In response to PhilipDAth
AD01
Conversationalist
‎Apr 4 2022 3:04 PM
‎Apr 4 2022 3:04 PM

Hi PhilipDAth, appreciate your response. Yeah, it seems this would be a "nice to have" future feature. I think it is extremely useful considering it is a FW device.

 

0 Kudos
li.common.scroll-to.top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.