Meraki

Community

Remote IPs limit?

andrej_ns
Conversationalist
‎Sep 5 2024 11:36 PM
‎Sep 5 2024 11:36 PM

Remote IPs limit?

Hello everyone. Is there a limit on the number of allowed remote IPs we can specify when opening ports? We have a service we need to open to about 200 customers and was hoping not to have to have it open to the world. 

Is anyone aware of any limitations before we get into deploying it?

Labels:
0 Kudos
2 Replies 2
Shubh3738
Building a reputation
‎Sep 6 2024 12:19 AM
‎Sep 6 2024 12:19 AM

there is a limit to the number of remote IPs you can specify when opening ports. Specifically, for port forwarding or 1:1 NAT, Cisco Meraki allows you to define up to 32 remote IP ranges per port rule. This limitation is for security and performance reasons, as maintaining extensive firewall rules for large numbers of individual IP addresses can introduce overhead.

If you need to open access to 200 customers, there are a few strategies you could consider:

  1. IP Range Consolidation: If possible, try to aggregate IPs into CIDR ranges to reduce the number of entries. This may help you fit within the 32 IP range limit.

  2. Use a VPN: Instead of exposing the service via port forwarding, you could have your customers connect via a site-to-site VPN or client VPN, which would limit access to authenticated users and remove the need to open ports to individual IP addresses.

0 Kudos
In response to Shubh3738
andrej_ns
Conversationalist
‎Sep 9 2024 3:44 PM
‎Sep 9 2024 3:44 PM

Thanks mate.

I raised a case with Meraki support and they said they don't have a limit and that I should give it a go and see if any issues.. I guess I will try and report back here with findings!

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.