Hi folks
I have two rules:
The second one DENIES all traffic from subnet 192.168.30.0 to subnet 192.168.10.0,
and the first one ALLOWS from host 192.168.30.31 to server 192.168.10.147:51414/TCP.
Right now, the ALLOW rule has no effect, I do have some very clear logs showing me that 51414/TCP packets are blocked because of the DENY rule:
<134>1 1657686991.844793491 Meraki_MX100 flows src=192.168.30.31 dst=192.168.10.147 mac=00:50:56:BF:60:F3 protocol=tcp sport=36336 dport=51514 pattern: deny (dst 192.168.10.0/24) && (src 192.168.30.0/24)
Also, each subnet is on its own VLAN and I am not using any Group Policy on the VLANs or the clients...
Please, tell me what I'm missing here...
Thanks!
EDIT: Following Ryan_Miles's comment, I replaced the screen capture.
Should be an easy fix!
Syslog shows: dport=51514, but the rule states 51414...
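The mismatch above is easy to miss by eye, so here is an added example (not part of the original thread or of any Meraki tooling) that replays a flows syslog line against an ordered rule list, first match wins, and reports why each earlier rule was skipped. The log line is a constructed copy of the one quoted in the question; the rule list, the rule field names and the "allow" default at the bottom of the list (the thread says traffic flows once the DENY rule is removed) are assumptions for the example.

```python
"""Replay a Meraki MX 'flows' syslog line against an ordered rule list
(first match wins) and explain why each earlier rule did not match."""
import ipaddress
import re

# Constructed sample, modelled on the syslog entry quoted in the question.
SAMPLE_LOG = (
    "<134>1 1657686991.844793491 Meraki_MX100 flows src=192.168.30.31 "
    "dst=192.168.10.147 mac=00:50:56:BF:60:F3 protocol=tcp sport=36336 "
    "dport=51514 pattern: deny (dst 192.168.10.0/24) && (src 192.168.30.0/24)"
)

# The two rules as the question describes them, in evaluation order
# (assumed representation). Port 51414 on the allow rule is the typo.
RULES_AS_CONFIGURED = [
    {"action": "allow", "src": "192.168.30.31/32", "dst": "192.168.10.147/32",
     "protocol": "tcp", "dport": 51414},
    {"action": "deny", "src": "192.168.30.0/24", "dst": "192.168.10.0/24",
     "protocol": "any", "dport": None},
]

# Assumption: with no rule matching, traffic is allowed (the question says
# everything works once the deny rule is removed).
DEFAULT_ACTION = "allow"

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_flow(line):
    """Pull the key=value fields out of a 'flows' log line."""
    fields = dict(KV_RE.findall(line))
    return {
        "src": ipaddress.ip_address(fields["src"]),
        "dst": ipaddress.ip_address(fields["dst"]),
        "protocol": fields["protocol"],
        "sport": int(fields["sport"]),
        "dport": int(fields["dport"]),
    }


def rule_mismatches(rule, flow):
    """Return the reasons the rule does not match the flow (empty list = match)."""
    reasons = []
    if flow["src"] not in ipaddress.ip_network(rule["src"]):
        reasons.append(f"src {flow['src']} not in {rule['src']}")
    if flow["dst"] not in ipaddress.ip_network(rule["dst"]):
        reasons.append(f"dst {flow['dst']} not in {rule['dst']}")
    if rule["protocol"] != "any" and rule["protocol"] != flow["protocol"]:
        reasons.append(f"protocol {flow['protocol']} != {rule['protocol']}")
    if rule["dport"] is not None and rule["dport"] != flow["dport"]:
        reasons.append(f"dport {flow['dport']} != {rule['dport']}")
    return reasons


def evaluate(rules, flow):
    """First-match evaluation.

    Returns (action, index of matching rule or None, [(index, reasons)] for
    every rule that was checked and skipped before the match).
    """
    skipped = []
    for i, rule in enumerate(rules):
        reasons = rule_mismatches(rule, flow)
        if not reasons:
            return rule["action"], i, skipped
        skipped.append((i, reasons))
    return DEFAULT_ACTION, None, skipped


def with_port(rules, index, dport):
    """Copy the rule list with one rule's destination port changed."""
    fixed = [dict(r) for r in rules]
    fixed[index]["dport"] = dport
    return fixed


if __name__ == "__main__":
    flow = parse_flow(SAMPLE_LOG)
    variants = (
        ("as configured", RULES_AS_CONFIGURED),
        ("allow rule fixed to 51514", with_port(RULES_AS_CONFIGURED, 0, 51514)),
    )
    for label, rules in variants:
        action, idx, skipped = evaluate(rules, flow)
        print(f"{label}: {action} by rule {idx}")
        for i, reasons in skipped:
            print(f"  rule {i} skipped: {'; '.join(reasons)}")
```

Run as-is it shows the configured allow rule being skipped with the reason "dport 51514 != 51414" and the deny rule matching, and the same flow hitting the allow rule once the port is corrected; pointing `SAMPLE_LOG` at a real exported syslog line and filling in the dashboard rules is the quickest way to find this kind of one-digit mismatch.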
I forgot to mention that if I remove the DENY rule, everything works as expected. Packets flowsssss to their destination...
Looks like you should be using /32 masks on the allow rule. Not /24. If you fix that is there any change?
Thanks @Ryan_Miles
Yes, I made a dumb mistake here... ( ^_^) By dint of making changes I made that mistake... I was previously using /32 masks. So, I edited the allow rule, waited about 10 minutes, tested again, and the firewall still blocks the packets.
(I have updated my post with a new screen capture and an edit comment.)
Just for grins, I'd bounce the MX and then re-test. Then post the syslogs if it continues to block.
Yeah