Meraki

BlakeRichardson

I am trying to block traffic between two VLANS on an MX8CW and nothing I have tried works and I feel like it's probably something simple. I have tried blocking using CIDR and VLAN ( screenshots below), neither of the rules are showing any hits and I can ping devices from either direction.

I have another rule not shown that blocks a device from accessing the internet and that works fine so I am out of ideas. If anyone has any suggestions that would be appreciated.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Brash

Hmmm the only things that come to mind are the usual:

1. Either reboot the MX or wait at least 15 mins after creating the rule before testing

2. Ensure you're not testing using IP addresses on the MX as they will always respond to ping across VLANs

AmitPanchal

Are the L3 VLAN interfaces configured on the firewall. If No then these rules are of no use. Also try by creating a vice-versa rule like from testing to default and from default to testing and then check.

Frank-NL

If you are sure the traffic is being routed by the MX, you can confirm that with a packet capture

Frank-NL

*If you want to be really sure

Frank-NL

The rule configuration is good in both screenshots

Meraki

Community

Unable to block traffic between VLANS

Unable to block traffic between VLANS