I have MR42, MX64 and MS220-8
Based on the guides I created a Group policy that blacklists * and whitelists 2 websites and also meraki.com
I have applied this group policy to a VLAN for a specific SSID (for some reason group policy applied via sentry tags wasnt working which I created a post about here: https://community.meraki.com/t5/Network-Wide/Group-Policy-via-Sentry-Tag-not-working/m-p/2972#M76
However, this has broken Systems Manager MDM on the ipads. When I added meraki.com to the whitelist it caused the Meraki app on the Ipad to show all green check marks but the ipads show offline in Systems Manager and I can not send commands to them anymore. The guide doesnt say what I need to put in the URL filtering whitelist, it mentions meraki.com but that clearly isnt enough. These are URL filters so I cant whitelist ip addresses afaik.
This was the guide I followed: https://documentation.meraki.com/MX-Z/Content_Filtering_and_Threat_Protection/Content_Filtering
Anyone can help me with this?
Solved! Go to Solution.
Try whitelisting *.apple.com.
@PhilipDAth wrote:Try whitelisting *.apple.com.
I totally didnt think that MDM might go through apple, I thought it was direct to meraki, going to whitelist *.apple.com now. Thanks.
Apple devices are very much tied to Apple (consider Apple push notifications).
Have you got any way to log the DNS queries being made (even if by a packet capture)? If so use that method to get a definitive list of what is needed.
I whitelisted *.apple.com and it fixed my issue, thank you!