Meraki

Community

NBAR - Shaping rules

RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 10:50 AM
‎Feb 11 2025 10:50 AM

NBAR - Shaping rules

Hi ,

 

I have read the document : https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Next-gen_Traffic_Anal...

 

 

My networks and templates are set to : Network-wide > Configure > General > Traffic analysis and set "Traffic analysis" to "Detailed: collect destination hostnames." 

 

However when I try to create a shaping rule , I still get the default choice reported by TA : 

RaphaelL_0-1739299772350.png

 

 

It looks like NBAR is not enabled or leveraged by my shaping rule.

 

I'm running the latest MX version.

Labels:
16 Replies 16
ww
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:09 AM
‎Feb 11 2025 11:09 AM

The picture is not for the traffic shaping section 

0 Kudos
In response to ww
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:12 AM
‎Feb 11 2025 11:12 AM

indeed but same menu / result : 

RaphaelL_0-1739301163718.png

 

0 Kudos
In response to RaphaelL
ww
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:23 AM
‎Feb 11 2025 11:23 AM

That is strange.  It should be working for traffic shaping rules.  

For vpn traffic-policies its still not available afaik

In response to ww
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:25 AM
‎Feb 11 2025 11:25 AM

Oh really !? Bummer..

 

Also the menu/output is present for my L7 firewall rules which kinda suggest that NBAR is not enabled/running. 

 

I'm running MX 19.1.7.1 , MS 17.1.4 and MR30.7 which is pretty much the latest version in every category. Might open a ticket on that one.

0 Kudos
In response to RaphaelL
ww
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:42 AM
‎Feb 11 2025 11:42 AM

Maybe somehow related to an old network using the same template?

0 Kudos
In response to ww
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 11 2025 11:45 AM
‎Feb 11 2025 11:45 AM

That's what I thought at first. I created a brand-new template + network for the purpose of testing this. 

So there is only 1 network bound , still can't get it to work. Maybe I have some shaddy backend option preventing me from doing this. At this point I don't know 😥

0 Kudos
In response to RaphaelL
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 12 2025 11:14 AM
‎Feb 12 2025 11:14 AM

It's not one of those features that don't work in templates is it?

0 Kudos
In response to PhilipDAth
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 12 2025 11:59 AM
‎Feb 12 2025 11:59 AM

I hope not... 😓

0 Kudos
tnco
Getting noticed
‎Feb 11 2025 1:22 PM
‎Feb 11 2025 1:22 PM


Hi @RaphaelL 

The documentation states that there are limitations when using configuration templates. Are the same things observed outside of template networks?

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Next-gen_Traffic_Anal...

RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 13 2025 4:42 AM
‎Feb 13 2025 4:42 AM

Templates, and networks bound to them, will have rulesets that are significantly more limited in terms of the classifications performed via NBAR. Due to technical limitations, the expanded NBAR rule set is not currently supported. Supported hardware and firmware versions are still required for this functionality.

 

Ahhhhh the MX. Love it.

*sarcasm*

 

NBAR works just fine in a template with SD-Internet policies , but doesn't work with anything else ☠️

In response to RaphaelL
jimmyt234
A model citizen
‎Feb 17 2025 3:09 AM
‎Feb 17 2025 3:09 AM

Another reason we stopped using templates 🙂

0 Kudos
In response to jimmyt234
TyShawn
Head in the Cloud
‎Feb 19 2025 4:06 AM
‎Feb 19 2025 4:06 AM

How many sites do you run? 

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to TyShawn
jimmyt234
A model citizen
‎Feb 19 2025 5:30 AM
‎Feb 19 2025 5:30 AM

We manage customers that range anywhere from 1 site to 100+ sites!

0 Kudos
In response to jimmyt234
TyShawn
Head in the Cloud
‎Feb 19 2025 6:38 AM
‎Feb 19 2025 6:38 AM

I’m assuming you’re using APIs then…?

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to TyShawn
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 19 2025 6:42 AM
‎Feb 19 2025 6:42 AM

We have 1700 networks. Half of them are using templates for "simplicity". We are mostly using the API also.

In response to RaphaelL
TyShawn
Head in the Cloud
‎Feb 19 2025 8:30 AM
‎Feb 19 2025 8:30 AM

@RaphaelL @I’m mostly on templates as well. 

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.