yes i didn't find it too, it's block some internal site like gitlab, jenkins but not for everybody but always on high port > 50000 !!
thanks i do this
all my internal site are seen as "Miscellaneous video". perhaps the problem is here ( and i block video site )
Thank you - I will be doing some internal following-up to see if we need to file a bug report about this, because I'm not sure where that errant NBAR classifier is coming from if it's not defined under the previously referenced protocol pack documentation.
Meraki support provide me the link for official documentation of NBAR !! 👍
but i just need an explanation of why my internal site are classified "Miscellaneous video" nbar 2836 or to change this classification.
We have this issue as well, was blocking RDP traffic and DNS traffic. It flagged it as random things, like P2P. We had to disable most L7 rules for it to go away. Support recommended we upgrade to the latest firmware, but it had no notes about NBAR so we declined.
i have false p2p too ( so i disable L7 p2p ), but lot of nbarid 121 "Binary over HTTP" block and no ways to disable this one.
I would also like to recommend that Meraki add more ways to Whitelist NBAR. It's a real pain to have to create group policies for devices and lose our 2 way MX firewall rules. As a school, we can't realistically turn off Peer to Peer and NBAR blocks too many false positives.
i just went to 16.16 on several networks in an organization and am seeing it misclassify internal and external DNS traffic, and internal Avaya IP Office to IP Office traffic as well. And for good measure, some internet based line of business applications for a health care facility.
Would be great to be able to more knobs related to NBAR. My choices today seem to be able to remove l7 rules for all social media to make dns work. I must be missing some docs
My ticket is 07775843
Same things here.
Blocked DNS requests as "XBOX Live" 😞
Disabled NBAR in Traffic analysis but i would like to maintain it to "detailed" and "all gaming" L7 rules!