cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

VLANs cannot obtain group policies on Meraki MX

Highlighted
Here to help

VLANs cannot obtain group policies on Meraki MX

Hello Team ,

 

Why do our VLANs cannot obtain the group policies we have created. Unless we access the firewall and manually assigned the group policy. We are using Meraki MX. 

9 REPLIES 9
Highlighted
Kind of a big deal

Re: VLANs cannot obtain group policies on Meraki MX

Is the MX the default gateway for the VLANs concerned, or is it some other device?

Highlighted
Here to help

Re: VLANs cannot obtain group policies on Meraki MX

Yes sir . the MX is the default gateway

Highlighted
Kind of a big deal

Re: VLANs cannot obtain group policies on Meraki MX

What makes you think the group policy is not being applied?

 

Are you applying it to the VLAN itself, or to machines in the VLAN?

Highlighted
Here to help

Re: VLANs cannot obtain group policies on Meraki MX

Upon checking the Monitor>Clients the user under that VLAN the policy that was obtain is normal.

Highlighted
Kind of a big deal

Re: VLANs cannot obtain group policies on Meraki MX

How are you applying the group policies to users?

 

Is it applied to the VLAN itself?

Perhaps manually to the machines?

Perhaps via AD integration?

Perhaps via a splash page?

Highlighted
Here to help

Re: VLANs cannot obtain group policies on Meraki MX

It is applied to the VLAN itself and the clients who got the IPs from that VLAN did not get the group policy assigned to the vlan.

Highlighted
Kind of a big deal

Re: VLANs cannot obtain group policies on Meraki MX

@PhilipDAth did all the heavy lifting on this one... But I'll bring this on home. 

 

When you have GP's assigned to a VLAN they won't show up on the clients in the clients page. However, if you test it out you will see that the settings in the GP are indeed enforced on any client that is on that VLAN.

 

It's a bit unintuitive, and makes for a gotcha when you're troubleshooting, but that is the way it is. It sorta makes sense if you think that the VLAN is actually applied to the VLAN as opposed to a client, and the policy specified is enforced on all traffic that the MX sees on that VLAN. Technically, since the VLAN is not applied to a client, it shouldn't show up on the clients page.

Here to help

Re: VLANs cannot obtain group policies on Meraki MX

Hello sir,

So you mean that the GP should be working however it would reflect under Policy column in Client page as Normal?
Highlighted
Kind of a big deal

Re: VLANs cannot obtain group policies on Meraki MX

That is correct.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.