Meraki

Community

Restrict intervlan communication

leadtheway
Building a reputation
‎Mar 25 2019 9:04 AM
‎Mar 25 2019 9:04 AM

Restrict intervlan communication

so Have  few vlans that for the most part standalone.  i have 2 vlans created that we use for wireless...one for employee and one for guest, employee is allowed to talk to local lan, while guest is prohibited. But whats odd is if i put a pc and plug into an MS switchport on that guest vlan it can talk to any vlan.  I assume this has to do with the wireless marshalling is being done based on SSID and not Vlan, so There probably needs something to restrict it on the MX/MS

0 Kudos
1 Reply 1
NolanHerring
Kind of a big deal
‎Mar 25 2019 9:14 AM
‎Mar 25 2019 9:14 AM

If you are denying local lan access on the wireless firewall settings, it will block. However you are correct, for devices plugged in hardwire on that VLAN, you would want to edit the MX firewall settings to block inter-vlan communication.

 

For example:

 

333333333333333333.jpgYou could also do some ACL on the switch side if you have SVI's on your core switch etc.

Nolan Herring | nolanwifi.com
TwitterLinkedIn
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.