Group policies Normal / Blocked etc

ChrisK
Conversationalist

Group policies Normal / Blocked etc

Hi, we have a number of devices on our AP MR33 with a basic off network setup to deny any local lan using the Normal policy on each client.  What I would like to do now, is assign group policy by device and select the Blocked policy.  My thinking is that any new devices that come on the wireless will be blocked by default and then once authorized I could change them to normal.  BUT when I setup the policy by device and select Blocked for all types, it gives my laptop, that is currently on the wireless, access to all the devices on my local network.  For the life of me I cannot understand how this would affect my laptop which had already been on the wireless with a Normal policy and was not able to see anything on the local lan prior.

4 Replies 4
MilesMeraki
Head in the Cloud

Are you sure you're not using "Different Policies by connection and SSID" when applying the group policy? This would be the only thing which I could think would be allowing your device connection? Unless there's an error with your configuration in your group policy. 

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
ChrisK
Conversationalist

Currently all the devices on this SSID have the normal policy assigned from being new devices.  If I now go into this SSID and select to block by device type, and select all the device types with the blocked policy, (so that if a new device comes on the SSID it will be blocked by default) all the current devices already on this SSID now get full access to the network.  I tested this with my laptop.  It is currently a member of our SSID with normal policy.  I cannot see anything on the network as it should be.  But as soon as I add the "block by device type" and select all the devices with a blocked policy, my laptop gets the ability to see on the devices on the local network.

MilesMeraki
Head in the Cloud

Right.. Unfortunately, nothing springs to mind which could be causing this problem. Have you attempted to open a support call to ensure that this behavior isn't a bug? 

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
ChrisK
Conversationalist

Nope, I thought I would try here first.  But I will open a case for sure.  Thanks

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels