Whitelisting an IP for access to the network

Padraig
Conversationalist

Whitelisting an IP for access to the network

I have a public IP address I want to whitelist for remote access to the network. I can only see whitelisting for URLs. Is IP whitelisting possible on Meraki?

7 Replies 7
ww
Kind of a big deal
Kind of a big deal

KarstenI
Kind of a big deal
Kind of a big deal

Are you talking about Rremote Access VPN to the MX? I am not aware of any config to restrict the VPN-clients IP.

 

Not sure if it is worth the effort, but if you authenticate the VPN-user with RADIUS, you could filter on the RADIUS-Attribute "Calling-Station-ID" which is the IP of the remote client.

 

EDIT: I just remembered (and quickly confirmed that this is also the case with MX version 15.37) that the MX does not send this RADIUS attribute. So this "workaround" will not work as it would for example with a Cisco ASA/FTD!

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal

I don't understand the intent of your question.  Can you explain what you are trying to achieve?

Padraig
Conversationalist

I have a PC and other devices at a particular Jobsite and I want to remote into this jobsite to access these devices from my office location. I only want access to be allowed from my PC in my office, no other PCs.

cmr
Kind of a big deal
Kind of a big deal

If you have an AP you can add it to the sites network, or use the client VPN.  Are neither of these possible for you?

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Padraig
Conversationalist

Ok. What has the AP got to do with this? I am not in the same LAN.

cmr
Kind of a big deal
Kind of a big deal

You can have an AP where you are using the MX at the site as a concentrator, so you end up on the LAN

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels