Showing results for 
Show  only  | Search instead for 
Did you mean: 

Simple MX Configuration

Getting noticed

Simple MX Configuration

Hello to the community


I am not a beginner but also i am not a guru 


We have a meraki MX64 till last summer in our company and i am looking for answers of how to configure it as best as possible. We have no serious problems 

Here is my configuration


The primary wan port is enabled by default (we have an internet bridge connection on it) and i also configured the Lan 4 port as wan and we have also a bridge internet connection on it


The meraki is enabled as dhcp server and we have no wireless connections on it . I mean that we do not have wireless access on our company network. For this case we have a 3rd router which is only for wireless and is outside of our company network (for customers or for our mobile phones)


For the operation of port forwarding i have only one rule for a port of our server and 1 static ip from outside is allowed to have access on this port


I blocked some website categories like sex,drugs,guns and i added 2 firewall layer 7 rules in order to block p2p networks and online gaming

I have enabled the advanced malware protections and intrusion detection

The last week one time a day i have these events and i don't know what they are


Intrusion detection started

Intrusion detection error

Intrusion detection rules update


We also have an endpoint protection the last month which is fine (seqrite) .


So, we have no serious problems but i want your advices how to add a better protection on meraki by adding some usefull rules 


Meraki Employee

Re: Simple MX Configuration

Hi @ManolisFr it really depends on what else you might want or need to restrict based on company policy for example.  But generally speaking, another common L7 FW deny rule is to block all peer-to-peer traffic for example.  And since you have the Advanced Security license to leverage Content Filtering, IPS and AMP, you might also consider putting geo-FW rules in place to block all traffic to/from specific countries.  Another common practice is to set a global per-client bandwidth limit on the SDWAN & Traffic Shaping page, so no one client or group of clients can hog too much of your ISP's bandwidth, perhaps 5 or 10Mbp with Speedburst enabled for example.  Since you have 2 ISP connections on WAN1 and WAN2/LAN4, you can also adjust the bandwidth sliders to the appropriate levels on that same traffic shaping page.  Hope that helps, perhaps that's a start at least, not sure what else you might be looking to do.

Kind of a big deal

Re: Simple MX Configuration

To add to the answer of @MerakiDave . That sequence of intrusion detection log messages is a known issue that is supposed to be solved in firmware version 14.31 according to this topic:


But as far as I can see the stable releases are still on 13.36.


If it bothers you you can upgrade to the newer firmware from Organization > Firmware Upgrades and then going to the All networks tab. Find your MX, select it, and click the Schedule upgrades button.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.