MV Cloud Archive Firewall rules

KSanderson
Just browsing


Hi.

The suggested rule for Cloud Archive is to open port 443 to destination ANY. That is far too broad for us to implement, so is there a URL that the cameras use to upload the footage to cloud storage? There must be something set, as it can't just broadcast the footage to all addresses 🙂

Any help is appreciated.

alemabrahao
Kind of a big deal

Unfortunately, it is Meraki's recommendation, in which case you can open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Ryan_Miles
Meraki Employee

I've been testing a tighter ruleset for my CA-enabled MVs. It appears allowing 443 to *.vision.meraki.com is working (in addition to the other cloud destinations needed for mgmt, streaming proxy, etc).

They appear to also need port 80 to 142.250.0.0/15, which must be part of the broader port 80 to any suggested rule.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
Ryan_Miles
Meraki Employee

Been a long time since my previous post. Always reference the Firewall info page in your dashboard to see the current list of IPs, FQDNs, protocols, and ports required for your deployment as that list can/does change over time.

Ryan

Dunky
Head in the Cloud

I believe the correct dst FQDN for Cloud Archive is dependent on region, which is why the "Firewall Info" page says ANY. In reality there is an FQDN for each region, e.g.

cloud-archive-upload.euc.vision.meraki.com

cloud-archive-upload.apa.vision.meraki.com
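
As an added example (not part of any post above and not Meraki code), this checks flow records against the tighter ruleset reported in the replies: port 443 to `*.vision.meraki.com` and port 80 to 142.250.0.0/15, with the wildcard matched only on a DNS label boundary so look-alike names are rejected. The function names and sample flows are assumptions constructed for illustration; the management and streaming proxy destinations mentioned above are not modeled, and the dashboard's Firewall info page remains the source for the current list.

```python
import ipaddress

# Ruleset reported in the replies above (tested by a poster; may change over time).
RULES = [
    (443, "fqdn", "*.vision.meraki.com"),
    (80, "cidr", "142.250.0.0/15"),
]

# Constructed sample flows (host, ip, port); not captured traffic.
SAMPLE_FLOWS = [
    ("cloud-archive-upload.euc.vision.meraki.com", None, 443),
    ("cloud-archive-upload.apa.vision.meraki.com", None, 443),
    ("vision.meraki.com.example.net", None, 443),   # look-alike suffix
    ("notvision.meraki.com", None, 443),            # not on a label boundary
    (None, "142.251.10.20", 80),                    # inside the /15
    (None, "198.51.100.7", 80),                     # outside the /15
]

def fqdn_matches(pattern, host):
    """Exact match, or '*.' wildcard matched only on a DNS label boundary."""
    host = host.rstrip(".").lower()
    pattern = pattern.lower()
    if pattern.startswith("*."):
        suffix = pattern[1:]                        # ".vision.meraki.com"
        return len(host) > len(suffix) and host.endswith(suffix)
    return host == pattern

def flow_allowed(host, ip, port, rules=RULES):
    """Return True if any rule permits this destination on this port."""
    for rule_port, kind, value in rules:
        if port != rule_port:
            continue
        if kind == "fqdn" and host and fqdn_matches(value, host):
            return True
        if kind == "cidr" and ip:
            if ipaddress.ip_address(ip) in ipaddress.ip_network(value):
                return True
    return False

def denied_flows(flows, rules=RULES):
    """List the flows the tightened ruleset would drop."""
    return [f for f in flows if not flow_allowed(*f, rules=rules)]

if __name__ == "__main__":
    for host, ip, port in denied_flows(SAMPLE_FLOWS):
        print(f"would be dropped: {host or ip}:{port}")
```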
