cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Wireless AP firewall rules

Getting noticed

Wireless AP firewall rules

Hi,

 

I'm trying to understand the way firewall rules function on the wireless AP (MR devices). Unlike traditional firewalls where you have an inbound and outbound interface, how exactly are the rules applied to a wireless user for each request? The rules aren't applied to the uplink interface, correct?

 

Thanks in advance,

Jerome

2 REPLIES 2
Meraki Employee

Re: Wireless AP firewall rules

When configuring firewall and traffic shaping rules via the wireless menus in an MR configuration, those firewall rules are applied to every user/client request on the wireless side of the AP, so you can have L3 and L7 firewalling right at the edge without needing to place any blocked traffic on the wired side and rely on some other firewall further upstream.  You can set firewall and traffic shaping rules on an SSID by SSID basis, and you can also do it in group policies.  You should be able to confirm by setting a FW rule on a wireless SSID and then run a packet capture on the wired/LAN side of the AP and see that the firewalled traffic is not traversing the AP's uplink to the switching infrastructure.  More info here https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Firewall_Rules

Getting noticed

Re: Wireless AP firewall rules

Thank you @MerakiDave!!

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.