Meraki

Community

Port Opening

Fran-Ades
New here
yesterday
yesterday

Port Opening

Hello People,

I am new to Meraki, and need help on how to open ports.


We have physical telephones which are connected to 3CX. For that connection we have to install a so called Session Boarder Controller into our telephone setup. That SBC is a physical existing Raspberry Pi. That Pi needs Port 5090 to be open for TCP and UDP. 

 

I am to use the Layer 3, Layer 7 or Port Fowarding Rules on the Firewall Dashboard?

Labels:
0 Kudos
9 Replies 9
alemabrahao
Kind of a big deal
yesterday
yesterday

Do you need to open the port for communication from an external source to your internal network or from the internal network to the internal network?

If it is from the internal network to the internal network, you do not need to allow anything, since all internal communication is allowed by default.

Now, if it is from the external to the internal network, port forwarding solves the problem.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
alemabrahao
Kind of a big deal
yesterday
yesterday

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
Fran-Ades
New here
yesterday
yesterday

I need to open the port from an Internal to External and vice versa.

I am thinking that creating inbound and outbound rules specifying the ports and affected VLAN would suffice?

0 Kudos
In response to Fran-Ades
alemabrahao
Kind of a big deal
yesterday
yesterday

From internal to external you don't need to do anything.
From external to internal, port forwarding should resolve the issue.

 

alemabrahao_0-1741777392426.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
Fran-Ades
New here
yesterday
yesterday

I will try this too, and let you know the outcome.

 

Thank you.

0 Kudos
In response to Fran-Ades
Brash
Kind of a big deal
Kind of a big deal
yesterday
yesterday

Looking around the 3CX forum, it seems that the SBC only requires outbound access to the 3CX server on those ports.

 

Depending on your existing layer 3 firewall files in Meraki, it may simply work (as per the default) or you may need to create a specific rule with the source IP of your SBC, destination to the 3CX servers and allowing ports 5090 TCP & UDP.

0 Kudos
In response to Brash
Fran-Ades
New here
yesterday
yesterday

Thank you, I will try this, and provide feedback.

0 Kudos
In response to Fran-Ades
MaghM
Meraki Employee
Meraki Employee
yesterday
yesterday

All unsolicited inbound traffic is blocked by default and the L3 firewall is a stateful firewall the only way to open up specific ports inbound is by using port forwarding or NAT rules. 

 

Please check the below documentation:

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX

 

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Blocking_Inbound_Traffic_on_MX_Security_...

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
RWelch
Kind of a big deal
Kind of a big deal
yesterday
yesterday

Port Forwarding and NAT Rules on the MX and suggest running the 3CX firewall checker once it’s all setup.  v18 wasn’t ever an issue but v20 was a bit more challenging.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.