Meraki MX NAT enable and open port 80

Solved
AYEN
Here to help

Meraki MX NAT enable and open port 80

Hi Everyone,

 

       I have a concerns with Meraki MX security rules. I used NAT configuration and I allowed some Port 80, 443 etc which are needed to inbound. So since I allowed only specific IP outside why in alert centre continuously send us an alert notification. And how I assured the other IP outside which trying to penetrate in our network not traverse in my local

LAN network.

 

Thank you.

1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal

It's another solution.

 

https://www.f5.com//glossary/web-application-firewall-waf

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal

If you only allowed specific IPs, other IPs were unable to access them, but if you run a port scan you can know that they are open.

 

For security reasons, I would not open the ports without a WAF solution filtering this.

 

What I advise is to use a site to site VPN or VPN client to allow access.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
AYEN
Here to help

Hi, using a site to site VPN not possible because currently setup the user outside can only access their webserver and other resources via internet only by their Laptop or tablet. So WAF is another solutions that should I buy or existing in Meraki MX solution?

alemabrahao
Kind of a big deal
Kind of a big deal

It's another solution.

 

https://www.f5.com//glossary/web-application-firewall-waf

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
AYEN
Here to help

Thank you for the link I'll try to check this one

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels