First post here, so be kind!
I have a customer with an MX64 on a local Las Vegas business internet provider (cable). When trying to use a simple (built-in) Layer 7 Countries blocking rule "not to/from" for China, Russia, Indonesia (largest IP pool of mail server attackers so far for them), they lose internet connectivity. They have an advanced license.
This is not without precedent: trying it on my own MX64 for just China, my kids lose their Xbox connections at the house, just to name one instance. When I first got my MX64 I dropped every country except Canada and the US into the same Layer 7 firewall rule and my internet was unusable. Anyone out there have some advice on this? The Layer 7 country blocking was my favorite feature of the MX series and what spurred me to buy it in the first place.
For the customer premise I mentioned, they called me right away after I set the 3 countries "not to/from" rule in Layer 7, and told me that they had no internet access. Normally I would have taken the time to troubleshoot what was and wasn't working, but this was a production environment that cannot be without internet access. I have multiple servers on the inside of their network with backup remote access "TeamViewer" installations tied to my TeamViewer account. When the customer called me, I looked at my TeamViewer status and all their connected TeamViewer computers showed offline. I immediately removed the rule from the Meraki dashboard and they regained internet access within 30-45 seconds.
Can you PM me the serial number to this? This sounds very odd and I checked with our support and there isn't anything widespread. We would like to take a closer look to see if there is anything obvious in the logs.
I had the same problem. Had to add more countries. I can't remember which, but I think it was the Netherlands. TeamViewer is working for me and I have the following countries: Canada, France, Germany, Ireland, Japan, Netherlands, United Kingdom, United States.
Same problem. Firmware version 14.40
Blocking the following countries with "not to/from"
Complete internet goes down. Cannot ping 188.8.131.52 or 184.108.40.206. Office 360 stops working as well.
Looks like this has been an issue for 2 years now. Maybe the not to/from really means anything going in or out only from these countries?
Especially as you're referring to O365: what is your specific threat model that makes you think geoblocking is any good nowadays (if I may ask)?
I'm doing 2 things. Because I'm seeing attacks from those countries, I'm blocking them.
2nd item: because we moved our Exchange from Azure to on-prem, we have a NAT that I'm adding the IP addresses Microsoft provided to... kind of. I'm adding the IPv4 addresses. I'm seeing Meraki does not like the IPv6 addresses in the NAT filter.
I did the "Traffic to/From" this morning before people came in and it works fine. After going through documentation and posts, I learned the way it works is:
Traffic "not to/From" would be your "only allow these countries"
Traffic "to/From" would be countries to block
The way I had read it at first was "don't allow incoming traffic unless it is initiated by outgoing traffic", which is wrong.
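
The rule semantics worked out in the last post above, as an added example that is not part of the original thread and is not Meraki code: a small Python model of the two modes, plus a pre-change check that lists the countries a site depends on that a rule would cut off. The mode constants, the `preflight` helper, and the sample flows with their country placements are constructed for illustration.

```python
from dataclasses import dataclass

TO_FROM = "to/from"          # listed countries are denied (blocklist)
NOT_TO_FROM = "not to/from"  # everything EXCEPT listed countries is denied (allowlist)

@dataclass(frozen=True)
class Flow:
    label: str
    remote_country: str  # country code of the non-local endpoint

def is_denied(mode, countries, flow):
    """Apply the thread's reading of the Layer 7 country rule to one flow."""
    listed = flow.remote_country in countries
    if mode == TO_FROM:
        return listed
    if mode == NOT_TO_FROM:
        return not listed
    raise ValueError(f"unknown mode: {mode!r}")

def denied_flows(mode, countries, flows):
    return [f.label for f in flows if is_denied(mode, countries, f)]

def preflight(mode, countries, must_reach):
    """Countries the site depends on that this rule would cut off."""
    probes = [Flow(c, c) for c in must_reach]
    return sorted(denied_flows(mode, countries, probes))

# Constructed sample traffic; the hosting countries are assumptions.
SAMPLE_FLOWS = [
    Flow("dns-resolver", "US"),
    Flow("remote-access-broker", "NL"),
    Flow("mail-cloud", "IE"),
    Flow("smtp-probe", "CN"),
    Flow("ssh-scan", "RU"),
]
ATTACK_SOURCES = {"CN", "RU", "ID"}
DEPENDENCIES = {"US", "NL", "IE"}

if __name__ == "__main__":
    for mode in (NOT_TO_FROM, TO_FROM):
        print(mode, "denies:", denied_flows(mode, ATTACK_SOURCES, SAMPLE_FLOWS))
        print(mode, "cuts off:", preflight(mode, ATTACK_SOURCES, DEPENDENCIES))
```

With the three attack-source countries listed, the "not to/from" mode denies every legitimate flow in the sample and passes the two probes, which matches the outages reported in the thread.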