MX67 Content Filtering of Wireless Clients Failing

RandyD
Getting noticed

MX67 Content Filtering of Wireless Clients Failing

Content filtering from my wireless clients is not working. These clients are on the same VLAN as my wired clients on an inside network.  Content filtering is enforced on my wired clients, but not my wireless.  Can't figure out what changed as this was working and I've not made any network changes.  Running firmware version MX 17.8 

4 Replies 4
ww
Kind of a big deal
Kind of a big deal

The mx should not know the difference between a wireless or wired client. The content filter should work for all client on all vlans.  The only way to exclude clients would be a whitelist or group policy. Do you have a gp assigned on wireless clients?

RandyD
Getting noticed

@ww I agree with you, that is what is confusing.  Both wired and wireless are in the same "normal" group policy.  Both are on the same VLAN.  The various sites that should be blocked are not explicitly in the whitelist.  I've tried both Windows 11 and iPhone on wireless to rule out OS/browser behavior with the same result.

RandyD
Getting noticed

I was finally able to get a case opened and Meraki acknowledged that there is a bug in MX67W firmware 17.x whereas wireless clients are bypassing several security features. Their workaround was to create a new group policy and organize your wireless clients into that policy, however, that has not worked for me.  Awaiting a fix from Meraki and have an open support case.  This is a major bug in the security appliance, and I would hope they would get a fix for this soon!

RandyD
Getting noticed

It seems the 17.10 firmware update just released and pushed to my appliance fixed this issue.  Wireless clients are now getting policy applied correctly.   

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels