Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX Umbrella integration

Solved
MK2
Building a reputation
‎Feb 29 2024 11:16 AM
‎Feb 29 2024 11:16 AM

MX Umbrella integration

Hi everyone,

 

I have a question for you about the Umbrella integration in Meraki. Is the point on the following screenshot a global setting for all subnets on the MX or does it only refer to MX's with integrated WLAN? The setting is under MX > Threat Protection at the bottom.

 

MK2_0-1709234027387.png

If I want to configure something specifically for subnets or clients, I would do this via the Group Policies, right?

 

0 Kudos
Subscribe
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 29 2024 11:32 AM
‎Feb 29 2024 11:32 AM

Yes Manually Integrating Cisco Umbrella with Meraki Networks - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

0 Kudos
Subscribe
9 Replies 9
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 29 2024 11:32 AM
‎Feb 29 2024 11:32 AM

Yes Manually Integrating Cisco Umbrella with Meraki Networks - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
MK2
Building a reputation
‎Feb 29 2024 11:55 AM
‎Feb 29 2024 11:55 AM

But if I unlink Umbrelle here, it shows this:

MK2_0-1709236407183.png

 

And this belongs to WiFi or not? So it seems not to be a general configuration? 

I have already read the documentation you suggested up and down.

0 Kudos
Subscribe
In response to MK2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 29 2024 12:12 PM
‎Feb 29 2024 12:12 PM

Have you tried simply ignoring the message and linking with a group policy?🙂

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
MK2
Building a reputation
‎Feb 29 2024 12:30 PM
‎Feb 29 2024 12:30 PM

Just going to test drive the Umbrella solution. So your recommendation would be to ignore the setting in the screenshot and work with group policies?

0 Kudos
Subscribe
In response to MK2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 29 2024 12:41 PM
‎Feb 29 2024 12:41 PM

In fact, you have to configure it in the way that best suits you.
 
In my case, I configure via Group policy because I have specific policies for each network in the umbrella.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
MK2
Building a reputation
‎Mar 1 2024 12:41 AM
‎Mar 1 2024 12:41 AM

Just another question 🙂

Are the global layer 3 firewall rules attached to a group policy or ignored?

0 Kudos
Subscribe
In response to MK2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 1 2024 2:18 AM
‎Mar 1 2024 2:18 AM

If you configure custom network firewall & traffic shaping group policy the answer is yes as long as you apply it directly to the VLAN interface.
 
Otherwise, this statement is only valid for the clients you apply it to.
 
Just a note from the documentation itself:
 

When a group policy is applied to a VLAN, that policy becomes the new "network default" for any other group policies applied to clients in that VLAN. Since this policy is the new "network default," the client devices will still show a "normal" policy applied under Network-wide > Monitor > Clients.

For example, a group policy named "Guest Network" with more restrictive layer 3 firewall rules than the network-wide configuration is applied to the guest VLAN, and a second group policy "Low Bandwidth" has a custom bandwidth limit, but is set to Use network firewall & shaping rules. If the Low Bandwidth group policy is applied to a client on the guest VLAN, the client will use the layer 3 firewall rules configured on the Guest Network group policy, not the network-wide layer 3 firewall rules configured on the Security & SD-WAN > Configure > Firewall page.

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
MK2
Building a reputation
‎Mar 1 2024 3:07 PM
‎Mar 1 2024 3:07 PM

Tested it again. 
It is a global setting, even if it says something with SSID that makes me think of WLAN. 
The problem is the MX firmware MX 18.208, with which there seem to be problems when sending requests from the MX clients via LAN, funnily enough WLAN works - there is no response from the Umbrella DNS servers.
 
Thanks for everything, now I'm smarter again
0 Kudos
Subscribe
In response to MK2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 1 2024 4:15 PM
‎Mar 1 2024 4:15 PM

It's not the stable version.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.