Meraki

Community

SGT Order of Operation question

ammahend
Building a reputation
‎Jul 10 2024 7:00 PM
‎Jul 10 2024 7:00 PM

SGT Order of Operation question

As Per Meraki this is SGT order of operation for Adaptive policy

ammahend_0-1720663044907.png

 however usually most switch ports have VOIP and DATA both where PC is connected to Phone in 2 different vlan, now if I assign a TAG to this port will that TAG apply for voice and data packets both ?? if Yes then how do I tag voice traffic with a different SGT,  unless I am going 802.1X (which many people don't). other option is IP-SGT mapping and if I do IP - SGT mapping, the static port SGT will overwise SGT-IP mapping as per order of operation. I guess I can create 2 seperate IP-SGT mapping, one for VOIP another for DATA and not tag the port, but then the problem is its IP dependent and any VLAN miss match on port can potentially change how policy is applied to an endpoint bypassing security.

Labels:
0 Kudos
2 Replies 2
ammahend
Building a reputation
‎Jul 10 2024 7:01 PM
‎Jul 10 2024 7:01 PM

.

0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jul 11 2024 12:30 AM
‎Jul 11 2024 12:30 AM

I would suggest you open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.