Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About FrederiqueC
FrederiqueC
Here to help
Member since May 13, 2019
Mar 1 2022
Community Record
7
Posts
0
Kudos
0
Solutions
Badges
Feb 28 2022
6:08 AM
Hi CptnCrnch. Yes, IPS is enabled and the ruleset is set to "Balanced". Actually I've checked the snort trule list, and I am not sure if there is one for this particular vulnerability. Do you think we should try with "security" ruleset even if connectivity is essential to our organisation ? Thanks F.
... View more
Feb 28 2022
2:25 AM
Greetings, I am receiving alarms from the border FW (Stormshield SN) to inform that packets coming from the meraki MX (used as internal FW, with Advanced Security License) are blocked because of CVE-2016-7189 vulnerability in MS Edge. The Meraki is performing NAT and because of NAT, I am not able to detect which end user is using an internet browser which is not up to date. Which leads me to that question : how come that this vulnerability has not been flagged by the Meraki beforehand ? Thank you for sharing your knowledge on this matter. Frederique
... View more
Sep 10 2021
1:14 AM
I was hoping that Merakis were able to route by source IP... Thank you though @cmr
... View more
Sep 7 2021
7:15 AM
Hello, I have a configuration question prior to implementation : I have several IPs (let's say 1.1.1.52/29) and I would like to map several uplinks on each of the available IPs and be able to do port forwarding to internal hosts (which are in different vlans). I also need that each individual vlan to be mapped to different public IP Example Port forwarding 1.1.1.52:3389 -> vlan 1:host1 1.1.1.53:3389 -> Vlan 2:host 1 1.1.1.54:3389 -> vlan 3:host 1 Translation to public IPs : Vlan 1 -> 1.1.1.52 Vlan2 -> 1.1.1.53 Vlan 3 -> 1.1.1.54 Is there a way to set this up on the Meraki ? I am used to IOS Cisco Routers and never used wan on same subnet. Thank you. F.
... View more
Sep 25 2020
5:03 AM
@merakichampThank you for that info. I have a follow up question though. In MX's documentation it is written : "When using an MX as a site-to-site VPN peer, it will only be able to send client traffic over the VPN tunnel if that traffic has been directed to it. As such, a router or L3 switch on the network will need to have static routes configured, such that VPN-bound traffic is sent to the MX. This traffic will then be encrypted and sent through the site-to-site VPN tunnel. Traffic bound to the Internet or other destinations will simply pass through the appliance:" Let's say that I have that kind of topology Internet -Edge FW - DMZ - MX L2/VPN concentrator - Router - LAN if I have a layer 3 functionality to ensure routing, if I set the MX in passthrough mode, is it possible for it to deal with S2S VPN, Client VPN AND to still pass all internet traffic (incoming and outgoing) through the MX using filtrering, IPS and AMP functionalities ? if it's not clear, i can ce more specific. thanks for your help. FrederiqueC
... View more
May 17 2019
3:04 AM
Hello, Thank you for yuour answer. I usually use this method with Cisco 800 routers (setting it as a DMZ host on the ISP router) but I was not sure that I could do it with the meraki since I was not sure that NAT would not be in the way. I'm quite new to Meraki config. and not used to these plus and Play interfaces 🙂 since I'm usually using 800/1900 Cisco Routers.So, correct me if I understood incorrectly, I can do whait I usually do : set the Meraki as he DMZ host of the ISP router and configure the Client VPN on the Meraki as if the Meraki was on the edge. Thank you for your help, Frederique
... View more
May 13 2019
2:46 AM
Greetings. I'm having this topology question. One of my customers is changing ISP and getting a new edge router which cannot be configured in bridged mode. Behind it, I have a MX64 router which is currently configured in Routed Mode that ensures client VPN functionalities among other things. Unfortunately, the ISP's router can not be changed since it also performs proprietary functionalities that are mandatory. My question is : Do I need to switch to Passthrough Mode in order to get the Client VPN to work ? Or remaining in Routed Mode (with a static WAN RFC 1918 IP address ) and using "double NAT" (since it seems that Routed mode with no NAT is not possible on a Meraki) will suffice ? Thanks you all for you insights on that matter. Frederique C.
... View more
© 2024 Cisco Systems, Inc.
