Meraki

Community

need to block ransome ip in MX firewall

Mkarthikeyan
New here
‎Sep 11 2024 11:14 PM
‎Sep 11 2024 11:14 PM

need to block ransome ip in MX firewall

we have set of Ransomware public IPs that need to block in layer 3 policy

Labels:
0 Kudos
4 Replies 4
Brash
Kind of a big deal
Kind of a big deal
‎Sep 11 2024 11:33 PM
‎Sep 11 2024 11:33 PM

You can block specific IP's in the MX Layer 3 firewall rules under Security & SD-WAN -> Firewall.
I'd also suggest blocking some of the security related categories under content filtering.

0 Kudos
In response to Brash
Mkarthikeyan
New here
‎Sep 12 2024 12:04 AM
‎Sep 12 2024 12:04 AM

like i have trying to block specific public ip it shows only ipv6 can block

 

0 Kudos
In response to Mkarthikeyan
ww
Kind of a big deal
Kind of a big deal
‎Sep 12 2024 1:48 AM
‎Sep 12 2024 1:48 AM

Use the outbound rules.

Inbound ipv4 sessions are blocked by default

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings#Outbound_rules

KingArthur
Here to help
‎Sep 13 2024 4:11 AM
‎Sep 13 2024 4:11 AM

As a minimum use opendns as your dns servers. This will already help a lot.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.