cancel
Showing results for 
Search instead for 
Did you mean: 

User firewall policy is changing automatically

SOLVED
Here to help

User firewall policy is changing automatically

Some times the appliance is changing the firewall policy of some users to custom, i want to know why and where can i see the log of this actions.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Kind of a big deal

Re: User firewall policy is changing automatically

HA !

 

So that is exactly what I was referencing in my first response lol

 

634234.JPG

 

 

So basically that group policy you have on the access control settings for that SSID is going to have false positives as you've clearly seen.

 

I have to deal with this myself, where it thinks that a MacBook Pro is an iPhone and it blocks it. I probably get a client a day for this type of thing.

 

Two solutions:

 

1. remove that feature

2. use EAP-TLS with certificate/machine based authentication and then remove that feature

Nolan Herring | nolanwifi.com
TwitterLinkedIn
13 REPLIES 13
Kind of a big deal

Re: User firewall policy is changing automatically

Sounds like someone else might be making the changes. Or you might have a group policy that changes it based on OS type for example.

Check the change logs to see if its another admin doing it under Org settings
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Kind of a big deal

Re: User firewall policy is changing automatically

This can happen if you have applied a policy against two different connections types (such as MR and MX).  You then end up with "custom" showing, or it changing depending on how the user is connected.

 

When you are viewing the user, there is a little "something" (can't quite remember what it is) to expand by the "custom" showing how the policy is applying by connection type.

Here to help

Re: User firewall policy is changing automatically

Could be i just find some duplicates rules in the traffic shaping for the MX and the MR's, so i disabled the MR rules to see if this solve the issue, Thanks

Here to help

Re: User firewall policy is changing automatically

Sorry guys but no luck, today i just have other 3 users with the same issue and there is not record in the changes log so is not other admin doing this.

Kind of a big deal

Re: User firewall policy is changing automatically

When the device changes from NORMAL to CUSTOM, what exactly changes.

When you choose the drop down menu to change it back to Normal, what is it specifically that is different on the policy. Does it move them to Blocked or something? For a specific SSID?

Screenshot if you got it =)
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Here to help

Re: User firewall policy is changing automatically

So when it change to custom in the title but as restrictions is similar to blocked, all access to internet and internal network is block, the most strange thing is i don't have a custom policy like thattempsnip.png

Kind of a big deal

Re: User firewall policy is changing automatically

So when it changes to custom, drop down the menu to see what exactly it changes to.

 

I'm assuming the option in red below is selected and it chooses something?

 

55555.jpg

Nolan Herring | nolanwifi.com
TwitterLinkedIn
Kind of a big deal

Re: User firewall policy is changing automatically

Show me those results and that will help determine the root cause.

Also, show us a screenshot if you don't mind, of the access control settings for that specific SSID as well please =)
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Here to help

Re: User firewall policy is changing automatically

tempsnip2.png

Kind of a big deal

Re: User firewall policy is changing automatically

Ok so now that we know which SSID, show a screenshot of how you have the access control page configured for LXRandoCo HQ - wireless WiFi SSID

Also that SSID name is super redundant lol =)
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Here to help

Re: User firewall policy is changing automatically

well i know that is redundant but is how  the users want it  :s 

 

tempsnip3.pngtempsnip4.png

Highlighted
Kind of a big deal

Re: User firewall policy is changing automatically

HA !

 

So that is exactly what I was referencing in my first response lol

 

634234.JPG

 

 

So basically that group policy you have on the access control settings for that SSID is going to have false positives as you've clearly seen.

 

I have to deal with this myself, where it thinks that a MacBook Pro is an iPhone and it blocks it. I probably get a client a day for this type of thing.

 

Two solutions:

 

1. remove that feature

2. use EAP-TLS with certificate/machine based authentication and then remove that feature

Nolan Herring | nolanwifi.com
TwitterLinkedIn
Here to help

Re: User firewall policy is changing automatically

what a pain in the ass, thanks any way i will try with the EAP- TLS

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Points Contest
Join us for a month-long contest with heaps of swag to win!

Learn More ›