
Meraki Group Policy Question


Hello,

As far as defining whitelisted / blocked URLs to a specific VLAN in Group Policy... does this only affect traffic on TCP 80 and TCP 443? For example, if I have a specific L3 firewall rule for "Allow VLAN10 to 199.192.199.192 on TCP 45200" but I also have a Group Policy applied to VLAN10 that has Blocked URL Patterns with an "*", so effectively blocking all patterns, and only whitelisting a few that are necessary, will the traffic from VLAN10 to 199.192.199.192 still work on TCP 45200 because the L3 rule is there?

I should mention that in my L3 firewall I have an implicit deny rule above the default allow all rule. Above that implicit deny I am allowing VLAN10 to Any on 80,443,8080, but I then use the Group Policy to restrict web traffic to only permitted URLs.

2 REPLIES

Re: Meraki Group Policy Question

If you allow the TCP traffic on port 45200 this should work.

Regards,

Ben


Re: Meraki Group Policy Question

Yeah, that is what I am leaning towards. Meraki Support was able to tell me that Group Policy Content Filtering Rules, like regular Content Filtering Rules, only apply to HTTP streams and HTTPS streams, and other TCP / UDP-type traffic should just require its L3 firewall rule and that should be enough.
