why doesnt Meraki firewall on the AP's allow source ip?

CarlT
Here to help

why doesnt Meraki firewall on the AP's allow source ip?

Hi

We wanted to add some rules on our WLAN to block certain pc's accessing systems on the LAN.

How come we cannot add source ip addresses in? it appears to be an all or nothing approach?

Cheers

5 REPLIES 5
ww
Kind of a big deal
Kind of a big deal

Yes the source is everything on that ssid. You could use the group policy and assign that to the specific clients

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

PhilipDAth
Kind of a big deal
Kind of a big deal

If you are using RADIUS based authentication, you can also dynamically assign the group policy per client using the Filter-Id attribute.

https://documentation.meraki.com/MR/Group_Policies_and_Block_Lists/Using_RADIUS_Attributes_to_Apply_... 

 

This lets you do more advanced things like having a single SSID but dropping different users into different VLANs, applying different firewall rules, bandwidth limits, etc.

Brash
Kind of a big deal
Kind of a big deal

Second what @ww said, group policy is ideal for this

CarlT
Here to help

Hi

I had a look at that, how will that work, it still doesnt contain source IP? or are you saying by creating that it will deny just the clients that have the policy applied and not touch anything else on that wlan ?

ww
Kind of a big deal
Kind of a big deal

You create a group policy. You apply it to a client.(The clients is then the "source"). So it only affects that client

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels