Meraki Community

MikeLau

Hi,

I have a unit of MX105 and recently it blocked file download from other VLAN. the example of scenario is:

1. I am having my printer with VLAN 1 IP (192.168.0.11), and my laptop is in VLAN200 IP (10.20.30.22). when i am doing file scanning and would like to do the file download from my photocopier's inbox thru http protocol (port80), the download will failed and ask me to check the network connection.
2. IF my PC is within the same VLAN which is VLAN1, the download from port80 is success.

3. IF i am downloading the file from https protocol (port 443), the download success.

Please advise.

Brash

You could use a trusted traffic exclusion for the specific IP address/subnet.
Trusted Traffic Exclusions - Cisco Meraki Documentation

View solution in original post

Brash

It sounds like the download is being blocked by AMP or IPS. This applies between VLAN's as well as internet traffic.

It does not impact https traffic (port 443) as that communication is encrypted, and therefore the MX cannot inspect the traffic.

Threat Protection - Cisco Meraki Documentation

MikeLau

Hi Brash,

Therefore your suggestion is to add my vlan ip to "Allow list url" or add the trusted ip address /Subnet?

Brash

You could use a trusted traffic exclusion for the specific IP address/subnet.
Trusted Traffic Exclusions - Cisco Meraki Documentation

MikeLau

Thanks Brash, it work!

Meraki Community

MX105 meraki block file download from http protocol which is in other VLAN

MX105 meraki block file download from http protocol which is in other VLAN