Meraki Community

andrej_ns · ‎Sep 5 2024

Hello everyone. Is there a limit on the number of allowed remote IPs we can specify when opening ports? We have a service we need to open to about 200 customers and was hoping not to have to have it open to the world.

Is anyone aware of any limitations before we get into deploying it?

Shubh3738 · ‎Sep 6 2024

there is a limit to the number of remote IPs you can specify when opening ports. Specifically, for port forwarding or 1:1 NAT, Cisco Meraki allows you to define up to 32 remote IP ranges per port rule. This limitation is for security and performance reasons, as maintaining extensive firewall rules for large numbers of individual IP addresses can introduce overhead.

If you need to open access to 200 customers, there are a few strategies you could consider:

IP Range Consolidation: If possible, try to aggregate IPs into CIDR ranges to reduce the number of entries. This may help you fit within the 32 IP range limit.
Use a VPN: Instead of exposing the service via port forwarding, you could have your customers connect via a site-to-site VPN or client VPN, which would limit access to authenticated users and remove the need to open ports to individual IP addresses.

andrej_ns · ‎Sep 9 2024

Thanks mate.

I raised a case with Meraki support and they said they don't have a limit and that I should give it a go and see if any issues.. I guess I will try and report back here with findings!

Meraki Community

Remote IPs limit?

Remote IPs limit?