How to block some Machine that connected to MS-120 for internet via ACL or via MX
I have some Machines in VLAN and some of them need internet but another machine no need access to internet, actually the machine is an industrial switch and i don't want those machine IP received internet.
Solved! Go to Solution.
Thank you for your quick responce.
that switch need to be alive for file sharing, so I can not block them, I just wanna stop receive internet by to those switches because they are connected to PLC devices so no good they connected to the internet, what policy i can apply for it?
You should block access to the Internet at the point where your network connects to the Internet. In a Meraki world, this would normally be done on an MX.
Being a PLC network, can you just leave it as a L2 network with no layer 3 configurations? Then it can't talk to anything else which is not on the PLC network.
If you need remote access to the PLC network then using a jump host is more secure. It has one NIC attached to the PLC VLAN, and one NIC connecting to the rest of the network.