Meraki

Community

Meraki MX NAT enable and open port 80

Solved
AYEN
Here to help
‎Feb 23 2024 12:04 AM
‎Feb 23 2024 12:04 AM

Meraki MX NAT enable and open port 80

Hi Everyone,

 

       I have a concerns with Meraki MX security rules. I used NAT configuration and I allowed some Port 80, 443 etc which are needed to inbound. So since I allowed only specific IP outside why in alert centre continuously send us an alert notification. And how I assured the other IP outside which trying to penetrate in our network not traverse in my local

LAN network.

 

Thank you.

0 Kudos
1 Accepted Solution
In response to AYEN
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 23 2024 5:52 PM
‎Feb 23 2024 5:52 PM

It's another solution.

 

https://www.f5.com//glossary/web-application-firewall-waf

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

0 Kudos
4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 23 2024 3:25 AM
‎Feb 23 2024 3:25 AM

If you only allowed specific IPs, other IPs were unable to access them, but if you run a port scan you can know that they are open.

 

For security reasons, I would not open the ports without a WAF solution filtering this.

 

What I advise is to use a site to site VPN or VPN client to allow access.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
AYEN
Here to help
‎Feb 23 2024 4:44 PM
‎Feb 23 2024 4:44 PM

Hi, using a site to site VPN not possible because currently setup the user outside can only access their webserver and other resources via internet only by their Laptop or tablet. So WAF is another solutions that should I buy or existing in Meraki MX solution?

0 Kudos
In response to AYEN
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 23 2024 5:52 PM
‎Feb 23 2024 5:52 PM

It's another solution.

 

https://www.f5.com//glossary/web-application-firewall-waf

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
AYEN
Here to help
‎Feb 23 2024 5:55 PM
‎Feb 23 2024 5:55 PM

Thank you for the link I'll try to check this one

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.