Layer 3 firewall rules on Group policy (from appliance)

GoOn
Getting noticed

Layer 3 firewall rules on Group policy (from appliance)

I built a new group policy with these layer 3 rules:

GoOn_0-1632999299413.png

Then I applied it to my device opening clients page, then my device page, and selecting it (I found it with its' name + "(from appliance)") in the Group policy dropdown menu and then save.

If now I reopen my device page, I can find the new group correctyl applied, clicking on "Show details" I view the rules I posted here.

I waited 5 minutes, but I'm anyway still able to ping 192.168.100.83, and also 192.168.1.45

 

So, what's wrong???

8 REPLIES 8
ww
Kind of a big deal
Kind of a big deal

What is your client ip and subnet mask?

GoOn
Getting noticed

192.168.3.5 and 255.255.255.0

ww
Kind of a big deal
Kind of a big deal

Your routing vlans are configured on the mx?

 

Did you disconnect/reconnect your client to the network? 

 

https://documentation.meraki.com/General_Administration/Tools_and_Troubleshooting/Troubleshooting_Gr...

GoOn
Getting noticed

Your routing vlans are configured on the mx?

=> where can I find this info?

 

Did you disconnect/reconnect your client to the network? 

=> my (the source) yes, the destination not!

Bruce
Kind of a big deal

What firmware version are you running on the MX?

GoOn
Getting noticed

MX 15.42.3

cmr
Kind of a big deal
Kind of a big deal

@GoOn do you have the VLAN interfaces set up on the MX or is it in single LAN mode:

 

Screenshot_20211001-091651_Chrome.jpg

GoOn
Getting noticed

On the source I have some VLANs configured, on the destination (the IP I ping) not, single LAN

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels