IPV4 ACLs

BlakeRichardson
Kind of a big deal
Kind of a big deal

IPV4 ACLs

 We initally looked at using a MS425-32 to do all of the routing on our netwokr however when we found that you couldn't add in port ranges and only a single port as well as the low number of ACL's that can be added we had to change tact.

 

Does anyone know if anything has changed on this front, I don't have a spare switch to play around with this as all of our switches are currently in production. 

 

 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
4 Replies 4
jdsilva
Kind of a big deal

This isn't a good sign 😞

 

image.png

BlakeRichardson
Kind of a big deal
Kind of a big deal

@jdsilva  Thanks, I have no idea why ranges aren't supported but thats a question for the software engineers. Thanks for checking!

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
jdsilva
Kind of a big deal

No problem.

 

When I pulled the docs for these I was reminded of another reason why using these might be more trouble than they're worth:

 

image.png

PhilipDAth
Kind of a big deal
Kind of a big deal

Sometimes if you have a very simply topology, like core MS425 switches, and then you have just a couple of links to distribution switches and the access switches hang off those you can use MX's in passthrough mode between the core and distribution layer, and have them do the firewalling.

You'd probably want to use at least MX250s to get 10Gbe ports.

 

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels