MX-64 Wired network user access


MX-64 Wired network user access

I'm very new to the Meraki ecosystem but I tried to search and cannot find an answer. 


There's probably multiple ways, but how do I configure my MX-64 to use a MAC address table that I set to allow connectivity to clients under this firewall/router? I want an unknown device to be blocked from my meraki network unless I specified its MAC address in settings. So basically, block every client/device unless whitelisted. This question is in reference to a wired network. Firmware MX 13.23


Head in the Cloud

As of now, no real MAC filtering in the MX line. I think there is some on the MS least last time I checked.

BHC Resorts IT Department
Kind of a big deal

Configure your default firewall policy to block.


Create a group policy that overrides the firewall policy and allows traffic,


Then to allow a particular client (which is based on layer 2 MAC address by default) click on the client  and assign your group policy from above.

Phillips got it sorted!

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)

Hi Philip,

Will it also work for vpn clients? trying to remotely connect to my net. I am looking to add an extra layer of authentication. 

Kind of a big deal

I haven't played much with restricting VPN clients.  One of the issue with VPN clients is you can't apply a restriction until they have connected once.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.