Meraki

Community

Why does the MX appliance have a separate rulebase for VPN and it bypasses the main firewall rules?

CarlT
Here to help
‎Mar 14 2024 5:11 AM
‎Mar 14 2024 5:11 AM

Why does the MX appliance have a separate rulebase for VPN and it bypasses the main firewall rules?

Hi Guys

Is there a reason the MX appliance have a separate rulebase for VPN and it bypasses the main firewall rules?, it means in some cases we have to duplicate the rulebase etc and it can make it confusing.

What is the thinking behind this? any plans to change in future?

Labels:
0 Kudos
2 Replies 2
alemabrahao
Kind of a big deal
‎Mar 14 2024 5:18 AM
‎Mar 14 2024 5:18 AM

Good question, I think only the product design team will know how to answer.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
KarstenI
Kind of a big deal
Kind of a big deal
‎Mar 14 2024 7:16 AM
‎Mar 14 2024 7:16 AM

I would not expect it to change anytime soon. But the rules that are only valid for VPN, are not needed in the general firewall area. Yes, at the beginning it is highly confusing. But over time, you'll get used to it. No, likely not loving it, but accepting it. 😉

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.