Layer 7 Firewall Changes

bsmith
Comes here often

Layer 7 Firewall Changes

Heads up, something changed in the MX security appliance Layer 7 categorization and traffic handling over the weekend of October 1st, 2022. We came in Monday, the 3rd to support tickets from ClientVPN users who could no longer RDP to their desktops, timeclocks that could no longer communicate with their cloud service providers, and an application that no longer functioned properly across the SDWAN. Timeclocks were being blocked as "Citrix Static" Layer 7, remote application was blocked as some form of Peer-2-Peer, and the RDP was blocked as RDP even though it had worked forever for client VPN prior to this weekend. Just be on the lookout if you have L7 applied.

4 REPLIES 4
RaphaelL
Kind of a big deal
Kind of a big deal

Have you upgraded your MX during that period ?

bsmith
Comes here often

No. I opened multiple cases across various issues. In all of them, support has confirmed changes to their L7 handling.

Hi @bsmith 

 

What is your current firmware version on the MX device?

bsmith
Comes here often

Was 16.16 when this started. I updated to 16.16.6 couple days ago but that had no impact. It's the L7 analytics they use.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels