Meraki

JohnUK · ‎Feb 23 2018

Hi

I have one of our clients using the wireless network with a high consumption of data. It has categorised this as Non-TCP Web Traffic, is there anyway I can find out what this is?

Uberseehandel · ‎Feb 26 2018

have you considered asking them what they are doing?

Robin St.Clair | Principal, Caithness Analytics |

@uberseehandel

View solution in original post

PhilipDAth · ‎Feb 24 2018

If hostname visibility is enabled then you can usually figure it out based on where the traffic is going to.

https://documentation.meraki.com/MR/Monitoring_and_Reporting/Hostname_Visibility

JohnUK · ‎Feb 26 2018

Hi,

Thanks for the reply. I have enabled this & it looks like they are using some proxy server to access various. Can I just block non-tcp web traffic?

ww · ‎Feb 26 2018

You can make a group policy with some L3/L7 firewall rules & shaping and attach it to the specific client.

JohnUK · ‎Feb 26 2018

I have created policy for this person & attached the below firewall rule to allow ports 80 & 443 only. Will this work?

ww · ‎Feb 26 2018

a deny any would be your last rule not the first.

port 443 also would be on tcp.

JohnUK · ‎Feb 26 2018

Thank you, so the below is correct - Just got to bare with me, new to creating rules

ww · ‎Feb 26 2018

adding a deny any is very restictive since the client probably also need to reach services like dns dhcp ntp

JohnUK · ‎Feb 26 2018

The issue I have is that I have blocked all P2P & they seem to be using different ports to get to WEB, I presume to stream some video via a proxy connection.

Uberseehandel · ‎Feb 26 2018

have you considered asking them what they are doing?

Robin St.Clair | Principal, Caithness Analytics |

@uberseehandel

Dylan_YYC · ‎Mar 5 2018

LOL! im sure they'll come back with "oh, nothing it must be something in my computer"