Meraki

Community

L3 firewall hit count 0

Solved
James12
Here to help
‎Aug 22 2021 11:53 PM
‎Aug 22 2021 11:53 PM

L3 firewall hit count 0

Hi folks,

 

have you guys encounter 0 hit count on the L3 firewall rules?

I wanted to see the rule's usage and effectiveness. 

Even the default rule is stated as 0.
so, it making me confuse.

 

James12_0-1629701568465.png

 

0 Kudos
1 Accepted Solution
In response to James12
ww
Kind of a big deal
Kind of a big deal
‎Aug 23 2021 1:12 AM
‎Aug 23 2021 1:12 AM

looks like its depends on the browser.  in chrome it doesn't go to 0 but keeps counting. but in duckduckgo browser it reset to 0 after a count.

 

i also only have hits on the allow any any. 

looks like a gui bug.

View solution in original post

0 Kudos
8 Replies 8
DarrenOC
Kind of a big deal
Kind of a big deal
‎Aug 23 2021 12:28 AM
‎Aug 23 2021 12:28 AM

Hi @James12 , to me that indicates that the traffic you’re looking for isn’t hitting your firewall!  Do you have another route out of the network?

 

It can take a few seconds for the counters to increase especially after a page refresh.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
James12
Here to help
‎Aug 23 2021 12:31 AM
‎Aug 23 2021 12:31 AM

@DarrenOC no only 1 simple network, MX is the gateway.
I waited for the page to load the hit count for over an hour but never came up.
My access to the internet is totally accessible, so that puzzles me. 

0 Kudos
In response to James12
DarrenOC
Kind of a big deal
Kind of a big deal
‎Aug 23 2021 12:37 AM
‎Aug 23 2021 12:37 AM

What’s your model and firmware?

 

Have you also tried verifying the behaviour from another browser?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
James12
Here to help
‎Aug 23 2021 12:47 AM
‎Aug 23 2021 12:47 AM

@DarrenOC 

MX 64 
V15.42.2

I just switch to Firefox and edge to test out, only hitting the default rules
I just added ICMP rules to google DNS and place it on the top. it doesnt show too.hm...... James12_0-1629704715929.png

 

0 Kudos
ww
Kind of a big deal
Kind of a big deal
‎Aug 23 2021 12:39 AM
‎Aug 23 2021 12:39 AM

the allow any also works.

you should look closely because its realtime and it can jump from value x to 0 if there is not much traffic

0 Kudos
In response to ww
James12
Here to help
‎Aug 23 2021 12:49 AM
‎Aug 23 2021 12:49 AM

@ww so the hit count will just reset to 0 when there is no traffic?

0 Kudos
In response to James12
ww
Kind of a big deal
Kind of a big deal
‎Aug 23 2021 1:12 AM
‎Aug 23 2021 1:12 AM

looks like its depends on the browser.  in chrome it doesn't go to 0 but keeps counting. but in duckduckgo browser it reset to 0 after a count.

 

i also only have hits on the allow any any. 

looks like a gui bug.

0 Kudos
In response to ww
James12
Here to help
‎Aug 23 2021 6:16 AM
‎Aug 23 2021 6:16 AM

@ww I'm using chrome, I don't see any hit count.
using firefox and edge only sees default rules with hit count.
Even adding a deny-all at the last policy.
I set up a test IP to see the hit count.

it only shows 0

James12_0-1629724311085.png

 

Just frustrating not Meraki is not able to show it what it does.

Hard for me to documents and pass them on to my colleagues.

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.