Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

External Website(s) Blocked - How?

jpjeffery
Getting noticed
‎Mar 31 2023 2:31 AM
‎Mar 31 2023 2:31 AM

External Website(s) Blocked - How?

Hello

 

I'm deploying MR36 units in our office.

 

We have a Ruckus-based WiFi in production. Traffic over our guest WiFi is allowed (via our Firewall).

 

I've added a guest WiFi with our Meraki units (which again has to route out via our Firewall) but I'm finding some traffic is blocked (traffic that is allowed via the Ruckus).

 

Where do I need to look to work out why this is happening? Presumably the traffic is being passed out so is there a Meraki Firewall service doing the blocking?

Labels:
0 Kudos
Subscribe
5 Replies 5
Brash
Kind of a big deal
Kind of a big deal
‎Mar 31 2023 2:49 AM
‎Mar 31 2023 2:49 AM

Meraki AP's can implement firewall rules on SSID's.

Look under wireless -> firewall and traffic shaping in the dashboard 

Subscribe
In response to Brash
jpjeffery
Getting noticed
‎Mar 31 2023 3:20 AM
‎Mar 31 2023 3:20 AM

Thanks, yes, I've seen that but I don't recall changing the Firewall settings from the defaults.

 

To double-check I created a new temp SSID and compared. The only thing that's different in the first SSID is that Local LAN is set to Deny (which is what we want)

0 Kudos
Subscribe
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 31 2023 4:43 AM
‎Mar 31 2023 4:43 AM

if it's allowed on the ssid, this is probably not a Meraki issue. Is the Client IP assignment set to Bridged or NAT?

If you are using NAT, the IP of the AP is used to make the accesses, so it may be that you have some blockage in the APs network.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
In response to alemabrahao
jpjeffery
Getting noticed
‎Mar 31 2023 4:50 AM
‎Mar 31 2023 4:50 AM

In order to segregate guest devices from our office network I set it to "Meraki AP assigned (NAT mode)".

0 Kudos
Subscribe
In response to jpjeffery
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 31 2023 5:24 AM
‎Mar 31 2023 5:24 AM

So, try to find some log on your firewall coming from the AP IP.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.