Group policies are not working on the dashboard platform

Sistemas_SLG
Here to help

Group policies are not working on the dashboard platform

Hello to the whole community!

 

I currently have a problem on the dashboard platform and would like to know if someone could help me please?

The policies that I have configured for the "Security-appliance" network are not working in terms of group policies.

As an example I have the team "SALA3-PC21" which has a group policy called "G_VLAN8", which restricts access to adult content pages according to the category "Adult and pornography" but from that team access to that type of pages is free.

 

Actually I do not really know what configuration should be used for the policies to work correctly within the "Security-appliance" network. If someone could give me some advice, it would be very helpful.

 

I attach images of the situation:

PC.jpgPC config.jpgPolitica VLAN 8.jpgDetalles politica VLAN8.jpg

I would greatly appreciate any collaboration.

6 Replies 6
AjitKumar
Head in the Cloud

Hi,

The Group Policy in Meraki can be applied at various Levels ie. MAC, IP, VLAN, AD Groups.

Please check the following Url for the "order of priority" of the policies if applied at Multiple Levels.

 

https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Troubleshooting_G...

 

Also make sure to select "Full List" under

Security & SD WAN -> Content Filtering -> URL category list size.

 

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
PhilipDAth
Kind of a big deal
Kind of a big deal

That should work. Note that once you apply a group policy with content filtering that the content filtering doesn't always kick in straight away.  It is not uncommon to have to wait 10 minutes.

NolanHerring
Kind of a big deal

Do you have 'URL category list size' set for Top Sites or Full List ?

Assuming technically speaking either list won't guarantee 100% exposure to blocking all 'adult sites', since there are so many of them. However its easy enough to test with the big hitters out there.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Sistemas_SLG
Here to help

Hello again!

 

I am already looking at the issue of group policies at different levels and with regard to the "Priority Order" also in order to have clarity on the subject.

As for the URL item "Category list size" in "Content filtering" this is currently enabled the option "Complete list" as they mention me.

 

Now the specific issue is that apparently the changes are not taking them to change from one policy to another, but that the client is in a different state of policy and appears visually as "Normal" is actually with the old policy. Proof of that was that in the categories of the old policy add the item "Adult and pornography" and automatically the content was restricted.

 

I thank you for all the responses generated. But now I'm also worried about the violation that policies can receive with the use of proxy-type Chrome extensions like "UltraSurf Security, Privacy & Unblock VPN" and the private browser "Tor"???? According to the tests I did, with these tools, no policy seems to have an effect on the MX.

 

I thank you all for your cooperation! Regards

NolanHerring
Kind of a big deal

If someone is using a VPN (or something similar like TOR) then there isn't anything you can do to stop them from viewing what they want as the traffic is now encrypted and you have no way of knowing what it is.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Sistemas_SLG
Here to help

Ok, thank you very much for your collaboration!
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels