Port Forwarding on MX 100 Allowed Remote IPs not honoring Layer 7 Rules?

sealyc

Good Day,

I have recently rolled out a security appliance and I was alerted to traffic coming in from a country I block in my Layer 7 rules (To/From traffic). I found the IP block in ARIN and set a block for the entire range. I noticed that the Forwarding Rules section listed "Allowed Remote IPs" and I was wondering if the port forwarding rules ignore certain Layer 7 rules?

After I added the remote IP range to the Layer 7 rules, the traffic did stop.

Is it that the block-country rules are too general and the firewall may only perform a best effort so as not to get overwhelmed by requests?

Thanks for any light shedding that can be performed.

PhilipDAth

Block by country is not an exact science. It is a crude measure to coarsely try and block traffic from that country.
