Meraki MX Layer 7 firewall rules allow traffic filtering by geolocation, but they operate on a broad basis: they can block or allow traffic from/to an entire country rather than allowing more granular, user-specific controls.

• Allow All Traffic from That Country: You can create a Layer 7 firewall rule that allows traffic from the entire country where the user is traveling. However, this rule would apply to all users on the network, not just the specific traveler.

• Create a Custom VPN or Split Tunnel Solution: For finer control, you might consider setting up a VPN that the user can connect to when they are in the specific country. This way, their traffic is routed through the corporate network, bypassing geolocation restrictions. Alternatively, you could use a split-tunnel configuration to allow only certain traffic types (like web or email) through the VPN, letting other traffic go directly.