Products
Platform
General
Public groups
I see a default "deny all" inbound Layer3 rule on our MX. I'm going to assume that Deny All inbound layer3 rule has no effect if you create a NAT Forwarding rule. Is that correct? Just wanted to verify before I start creating Forwarding rules.
Thanks
Sarvjit
Solved! Go to solution.
I found the documentation for this, it states the following:
"The inbound firewall overrides the “allowed inbound connections” field for NATs, port forwards, and firewall host services, etc"
Here is the link to the complete documentation
https://documentation.meraki.com/MX/Networks_and_Routing/NAT_Exceptions-No_NAT_on_MX_Security_Applia...
View solution in original post
The deny all should be only for ipv6.
Unless you running a early access:
NAT Exceptions with Manual Inbound Firewall
Default Deny All rule is for Dual Stack and not just IPV6. We haven't touched it so that must be the default.
Hmm that would be new, i dont see it over here, only for the ipv6
Can you check if this early access is enabled?
Guess I will just play around with the rules and see how they impact each other.
ThanksSarvjit
