Meraki Community

BillMcC

Hey guys, I have an issue with a customers port forward. typical setup webserver port 80 with a list of allowed remote IP's. For some reason it is allowing all internet traffic on the forward. I looked for incorrect address entries but I do not see any. Any crazy or obvious thing that would cause the allow list to be ignored?

Thanks,

alemabrahao

Yes, you are probably allowing all traffic to the MX status page, this could influence it, because if I'm not mistaken it responds to both port 80 and 443.

It's a bit bizarre, but I've seen similar problems before.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

alemabrahao

Yes, you are probably allowing all traffic to the MX status page, this could influence it, because if I'm not mistaken it responds to both port 80 and 443.

It's a bit bizarre, but I've seen similar problems before.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

BillMcC

I thought of this but said “Surely Not” 🙂 Let me test this right quick.

Thanks!

BillMcC

That was it. Of all the crazy. Maybe they should update this on the KB page to include what you shared.

Forwarding TCP 443/80

If a port forward for ports 443 or 80 is configured, you may be unable to reach the local status page via the MX's WAN IP address.

Thanks again!

Meraki Community

Port forward on port 80 with restrictions.

Port forward on port 80 with restrictions.

Forwarding TCP 443/80