Meraki

Community

About SJones

Re: IDS Alert Allowed

by in Security & SD-WAN
‎Apr 23 2020 12:53 PM
‎Apr 23 2020 12:53 PM
Not sure if that's happening here - there is a port/machine active.  It's the same destination as the other events that were blocked.  It's still happening today - 9 'blocked' with that same signature to the same destination, 1 'allowed' right in the middle of it. ... View more

Re: IDS Alert Allowed

by in Security & SD-WAN
‎Apr 22 2020 7:29 AM
‎Apr 22 2020 7:29 AM
Only 2 allowed, about 20 blocked over the course of ~ 24 hours.  Not bursty at all. Nothing whitelisted - the 2 allows are from other countries. They're even spaced apart - same rule was blocked around 0730, allowed at 0800, blocked at 0815, allowed at 0930, blocked at 1000. ... View more

IDS Alert Allowed

by in Security & SD-WAN
‎Apr 22 2020 6:56 AM
‎Apr 22 2020 6:56 AM
Did a quick bit of searching and couldn't find anything, thought I'd ask here and see if I could get an explanation a little quicker.   In the security events, I actually have 2 IDS alerts that show 'allowed'   Allowed   SERVER-WEBAPP   DrayTek multiple products command injection attempt   I have about 20 of the same rule being blocked.  My question is why were those two 'allowed'?  MX over worked at that instant and let it through?  Just curious more than anything - we're just getting probed and I'm blocking IPs as they come in.  I do still wish we could setup a rule to shun IPs doing this kind of stuff. ... View more

Re: How to register VPN clients in LAN DNS when using Meraki DHCP server

by in Security & SD-WAN
‎Mar 31 2020 8:53 AM
1 Kudo
‎Mar 31 2020 8:53 AM
1 Kudo
I'm fairly certain IP address will work.  If not, you could always create a hosts file on the machine you're using to run the command.  If you have a ton to do, just download the VPN client list as CSV and do a quick edit of that to generate a temporary hosts file. ... View more

Re: How to register VPN clients in LAN DNS when using Meraki DHCP server

by in Security & SD-WAN
‎Mar 31 2020 6:49 AM
2 Kudos
‎Mar 31 2020 6:49 AM
2 Kudos
It's possible - I have a similar setup.   These are domain-joined computers?   1) Make sure DNS scavenging is configured and working properly   2) In your VPN connection, look under "Networking | TCP/IP4 Properties | Advanced | DNS" and tick 'Register this connections address in DNS"  (my particular setup is not domain joined, so I had to fill in the DNS suffix an tick 'use this connections DNS suffix in registration) ... View more
My Accepted Solutions
View all
© 2025 Cisco Systems, Inc.