MX250 Firewalling and logging

JED2021
Getting noticed

Seeking a quick start document for basic subnet firewalling

WAN1 / WAN2 / Site to Site VPNs / Client VPNs

MX250 HA

VLAN A VLAN B VLAN C

Goal

Stop inter VLAN for A and B

Permit VLAN A and VLAN B: specific URLs

Permit VLAN B to go over site-to-site tunnels

Deny remaining VLAN A and VLAN B

VLAN C goes anywhere

VPN clients go anywhere (non-split tunnel)

Is there a way to log firewall hits to a syslog server to watch success or failure for troubleshooting?

Thanks

4 REPLIES
JED2021
Getting noticed

Which rulebase has priority?

IE

L3

VLAN A. deny Destination ANY.

L7

VLAN A. Allow. WEBSITE.SAFE.COM

alemabrahao
Kind of a big deal

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Layer_3_and_7_Firewal...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.