
VPN firewall use case




We want to apply firewall filtering for a VLAN in branches. Each branch has 5 VLANs and there are hundreds of branches. We are using a template to manage them all.

Because the regular firewall doesn't check packets which go through the VPN, we can't apply a firewall rule for a VLAN. However, the VPN firewall, which works organization-wide, only supports IP/subnet, which means I have to configure every VLAN separately, which is not feasible. Is there any easier way to do this?




Re: VPN firewall use case

No doubt about it, this is a painful situation.


If you are lucky you might be able to put in rules like any -> destination set of subnets, if the destination set is not too large.


If the branches weren't deployed yet, sometimes it is better to allocate VLAN"x" subnets from a larger supernet, like 10.x.branch.0/24.


But on the whole, there is no nice Cisco Meraki solution for this situation.
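An added example, not part of the reply above: it compares how many CIDR entries an organization-wide rule needs to match one VLAN across all branches under the 10.x.branch.0/24 layout and under a branch-first layout. The branch count of 200, the VLAN numbers 1-5 and the `branch_first` layout are assumptions made for illustration.

```python
import ipaddress

VLANS = range(1, 6)      # 5 VLANs per branch, as in the question (numbers assumed)
BRANCHES = range(200)    # constructed branch count standing in for "hundreds"


def _check(vlan, branch):
    # Both layouts put VLAN and branch in one octet each, so 0-255 is the limit.
    if not (0 <= vlan <= 255 and 0 <= branch <= 255):
        raise ValueError("layout holds at most 256 VLANs and 256 branches")


def vlan_first(vlan, branch):
    """10.x.branch.0/24: second octet is the VLAN, third octet is the branch."""
    _check(vlan, branch)
    return ipaddress.ip_network(f"10.{vlan}.{branch}.0/24")


def branch_first(vlan, branch):
    """Hypothetical contrast: each branch owns 10.branch.0.0/16."""
    _check(vlan, branch)
    return ipaddress.ip_network(f"10.{branch}.{vlan}.0/24")


def rule_cidrs(layout, vlan):
    """Fewest CIDRs covering exactly this VLAN's subnets in every branch."""
    return list(ipaddress.collapse_addresses(layout(vlan, b) for b in BRANCHES))


def vlan_supernet(vlan):
    """One entry per VLAN if the whole /16 is reserved for that VLAN."""
    return ipaddress.ip_network(f"10.{vlan}.0.0/16")


if __name__ == "__main__":
    for vlan in VLANS:
        exact = rule_cidrs(vlan_first, vlan)
        scattered = rule_cidrs(branch_first, vlan)
        print(f"VLAN {vlan}: vlan-first {len(exact)} CIDRs "
              f"(or 1 reserved {vlan_supernet(vlan)}), "
              f"branch-first {len(scattered)} CIDRs")
```

Matching on the reserved /16 also covers branches added later, which the exact collapsed list does not.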


Re: VPN firewall use case



I think I have a similar set-up. Our sites have 4 additional VLANs, which I've named, so these can be pre-configured as part of the template. However, like you, I have to configure each individual MX as and when it's deployed, which will become a pain, I'm sure.


