Layer 7 Firewall issues

SOLVED
RichardAUSA
Conversationalist

Layer 7 Firewall issues

Hey guys , i have an mx64, trying to add deny rules to layer 7 firewall, but i still keep seeing the ip range listed in the firewall still getting hit event, any suggestions or thoughts , TY ahead of time

1 ACCEPTED SOLUTION

A bit higher on the same page, it would be something like this:

BrechtSchamp_0-1574610655392.png

 

View solution in original post

8 REPLIES 8
BrechtSchamp
Kind of a big deal

Can you share some details about the firewall rules you've defined? I can try to reproduce it on my MX64.

sure basically its just one rule

Security & SD-WAN

Layer7 Firewall Rules

deny

remote ip range

xxx.xxx.xxx.xxx/22

 

now saying this i do have port forwards also, but layer7 is before these, so logic would dictate the layer 7 rules deny first then goto the port forwards.

 

actually, are port forwards layer3/4 so this is why they are being bypassed due to being process earlier?

Is this range in your network or on the internet?

internet

All right. Why don't you use the L3 firewall rules?

where would i locate layer 3 firewall rules?

A bit higher on the same page, it would be something like this:

BrechtSchamp_0-1574610655392.png

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels