cancel
Showing results for 
Search instead for 
Did you mean: 

NAT & Firewall Security Policy

New here

NAT & Firewall Security Policy

Hi All

 

I have not used the Security appliance before nor do I have access to one at the moment.

So just wanted to ask, when you have a inbound NAT rule configured, is it still necessary to have a corresponding Firewall rule to to permit that traffic?

 

Kind Regards

John

3 REPLIES 3
Highlighted
Here to help

Re: NAT & Firewall Security Policy

Greetings John,

 

Negative. Once you have created your NAT rule and added the appropriate ports etc you should be good to go.

The NAT rule itself consists of the NAT and the firewall rule itself. There is no reason to create another inbound firewall rule pertaining to the NAT.

 

Hope this helps.

 

Cheers

 

New here

Re: NAT & Firewall Security Policy

Thank you for your quick response, that's great to know.

I know the other vendors like ASA or Palo Alto, you still need to define the security policies after the NAT rules.

And also after some research, it appears that it is not possible to do outbound NAT on the Meraki Security Appliance, is that correct?

 

 

 

Here to help

Re: NAT & Firewall Security Policy

No problem.

 

By default all traffic destined to the Internet is NAT'd to WAN1's IP, however it is my understanding if there are specific NAT rules present, traffic that is initiated from a internal host that is part of a NAT the public IP specified will be used for its source IP translation when egressing the MX.

Cheers

 

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.