Inbound Site-To-Site VPN Firewall Rules Are Getting Removed

Solved
RH6379
Getting noticed

Inbound Site-To-Site VPN Firewall Rules Are Getting Removed

We set up a VPN tunnel from our MX84 in our Phoenix office to a checkpoint firewall in our HQ.  On the MX84, I have outbound vpn firewall rules that allow a PC in phoenix to communicate to 4 individual servers at HQ over any protocol.  I have a 5th rule that is a deny any any.  I disabled the default outbound rule that is a allow any any.

On the inbound VPN firewall rules, I created rules to permit the 4 servers we're allowing outbound access to to talk to the pc.  I also disabled the default inbound rule that is allow any any.

 

If I navigate away from that page and then go back to it, all the rules I created in the inbound VPN firewall are gone.

I'd like to know why this is happening and if it's a normal function of the MX84 or if have run into a bug.

 

I opened a ticket with Meraki Support.

1 Accepted Solution
RH6379
Getting noticed

Meraki support told me today that they don't support site-to-site VPN inbound firewall rules even though it's there on the dashboard under Security appliance>Site-to-site VPN. They suggested I submit a feature request.  When I asked why I should have to submit a feature request for an option that's on their dashboard, their response was:

 

"It was an engineering team's decision and sorry about the confusion. If you need further assistance, please let me know or call Support Hotline at 415-937-6671."

 

 

View solution in original post

4 Replies 4
MacuserJim
A model citizen

Do the changes show up under "Organization > Change Log"? Also have you tried logging into the dashboard with an incognito window or another browser to see if it is something weird with your session?

RH6379
Getting noticed

Meraki support told me today that they don't support site-to-site VPN inbound firewall rules even though it's there on the dashboard under Security appliance>Site-to-site VPN. They suggested I submit a feature request.  When I asked why I should have to submit a feature request for an option that's on their dashboard, their response was:

 

"It was an engineering team's decision and sorry about the confusion. If you need further assistance, please let me know or call Support Hotline at 415-937-6671."

 

 

katy_BIMALOY12
New here

 


@RH6379 wrote:

Meraki support told me today that they Notepad++ don't support site-to-site VPN inbound Malwarebytes  firewall rules even though it's there on the dashboard under Security appliance>Site-to-site VPN. They suggested I submit a feature request.FileZilla  When I asked why I should have to submit a feature request for an option that's on their dashboard, their response was:

 

"It was an engineering team's decision and sorry about the confusion. If you need further assistance, please let me know or call Support Hotline at 415-937-6671."

 

 


at the inbound VPN firewall guidelines, I created rules to allow the four servers we're permitting outbound get admission to to to talk to the computer. I also disabled the default inbound rule that is allow any any.

 

If I navigate faraway from that page after which move returned to it, all the regulations I created inside the inbound VPN firewall are long past.

i might like to know why this is occurring and if it is a everyday feature of the MX84 or if have run right into a bug 

Net-Dave
New here

Wow.. that's crazy! I am less than impressed with that decision from Cisco.

 

I have 5 site to site vpn's setup and my full network is exposed to them when I want to restrict their access to a couple of internal ip addresses...??

 

Come on Cisco , you should know better!

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels