Meraki Community

Jonathan_Galvez

Hi guys,

I have a very weird scenario and I can not get an explanation by myself.

I want to isolate VLANs so I can block or allow the communication between VLANs.

In my test scenario I made the following:

My Computer: VLAN 1

My Handy: VLAN 2

I made a Firewall Rule ICMPv4 block from VLAN 1 to VLAN 2.

Picture 1: The rule seems to work and the ICMPs are blocked.

Picture 2: I allow the rule and the ICMP goes through.

Picture 3: When I change the rule again, no more packets are blocked.

Can please someone explain me, why it doesn't work anymore and how can I configure inter-VLAN Firewall.

I know this document: https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Using_Layer_3_Firewal...

But it seems to work only one time...

Thanks and regards,

Jonathan

alemabrahao

Just to confirm, is the MX the default gateway for both VLANs?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Jonathan_Galvez

Yes

alemabrahao

Have you ever tried to create an inboung rule instead of an outbound rule?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

ww

you should wait like 10 minutes, and not generate any traffic on the tcp/udp port or in this case icmp

cmr

Changes to current flows are not reflected by blocks, only new flows. Or if you stop the ping and restart it, is it still allowed?

Jonathan_Galvez

Thanks guys, will try right now 😉

Meraki Community

Inter-VLAN Firewall

Inter-VLAN Firewall