Meraki

Community

NULL route on MX

rsage_voda
Getting noticed
‎Aug 5 2025 12:06 AM
‎Aug 5 2025 12:06 AM

NULL route on MX

Is it possible to configure a NULL route on a MX to prevent routing Loops.

 

I have a site with a /14 supernet from which smaller subnet are used for the various services supplied at site. There is a static route 10/8 to the MPLS network. The customer is running a Tenable scanner in Azure via the MPLS across all subnets in the /14 which is resulting in routing loops. To stop this I want to add a static route to a null interface for the \14.

 

If I add a static route for the /14 with the next hop 0.0.0.0 the dashboard throws an error that the address 0.0.0.0 is not on a configured interface.

Labels:
0 Kudos
4 Replies 4
RWelch
Kind of a big deal
Kind of a big deal
‎Aug 5 2025 1:07 AM
‎Aug 5 2025 1:07 AM

If your goal is just prevent specific subnets / destinations from being reached, you might consider:

Security & SD-WAN > Configure > Firewall then add Layer 3 outbound rules to deny traffic to ?.?.?.?/14 (or certain IPs)

 

 

 

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Aug 5 2025 3:24 AM
‎Aug 5 2025 3:24 AM

NO, it's not possible.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
DarrenOC
Kind of a big deal
Kind of a big deal
‎Aug 5 2025 6:36 AM
‎Aug 5 2025 6:36 AM

As already stated, not possible with MX or other Meraki devices.

 

Do you have anything before/after the MX where you can blackhole the traffic?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 5 2025 2:53 PM
‎Aug 5 2025 2:53 PM

Depending on the number of sites you have, would replacing the 10.0.0.0/8 with a series of /14 networks instead work?

 

route 10.0.0.0/14 ...

route 10.4.0.0/14 ...

route 10.8.0.0/14 ...

route 10.12.0.0/14 ...

route 10.16.0.0/14 ...

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.