The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About EricM_WSC
EricM_WSC

EricM_WSC

Comes here often

Member since Feb 10, 2021

‎09-23-2021

Community Record

4
Posts
0
Kudos
0
Solutions

Badges

CMNO View All
Latest Contributions by EricM_WSC
  • Topics EricM_WSC has Participated In
  • Latest Contributions by EricM_WSC

Re: Block a domain - Apple Private Relay

by EricM_WSC in Security / SD-WAN
‎09-23-2021 11:47 AM
‎09-23-2021 11:47 AM
I am hoping that someone can confirm my strategy, before me implementing the change to block iCloud Private Relay (iPR).     Apple states, "Some enterprise or school networks might be required to audit all network traffic by policy, and your network can block access to Private Relay in these cases. The user will be alerted that they need to either disable Private Relay for your network or choose another network."   Given that we use Jamf, my Apple admin states we will need to block any use of iPR.     What I read however in the link provided is that:   Cisco Meraki devices allow for filtering of websites by URL, providing both a way to block and whitelist a specific URL or an entire domain. However, when filtering by URL it is important to note that while you can whitelist a child address and block the parent address it is not currently possible to whitelist a parent address and block a child address.   This is a bit confusing to me as I need to black two specific child domains, mask.icloud.com mask-h2.icloud.com I, unfortunately, am not at home where I could test this on my private network before implementing it, so I just want to make sure I am on the right track. I am looking to blacklist the two child domains but not have to whitelist the parent.    ** I would want the parent and other child domains to still be accessible.   Am I just overthinking this? Is it as easy as simply blocking the two child domains?   Thank you for the help, Eric   ... View more

Seperate Network within Meraki Switches

by EricM_WSC in Switching
‎03-30-2021 11:15 AM
‎03-30-2021 11:15 AM
I have a challenge where I need to create a completely autonomous network within my Meraki Networks. Meaning I have another company that is renting some space within our building. They have brought in their own ISP and Firewall. The length between where their ISP/Firewall and their client computers are long but I have two Meraki switches, connected with fiber, in close proximity. What I am trying to do is use my switches/dedicated ports, to simply create a "separate" network to route traffic through my switches but using their Watchguard Firewall and ISP.  I have tried to create a separate VLAN using their specific IP addressing and Gateway, but obviously, it sees that VLAN as part of my network, and thus their firewall/DHCP/ etc. is not routing the traffic.   Any help with this challenge would be appreciated, If a diagram would help let me know. Eric ... View more

Re: Client VPN Access to Secondard VLANS

by EricM_WSC in Security / SD-WAN
‎02-10-2021 01:47 PM
‎02-10-2021 01:47 PM
Yes I am both Windows and Mac to test the access from different user accounts (admin vs. guest) ... View more

Client VPN Access to Secondard VLANS

by EricM_WSC in Security / SD-WAN
‎02-10-2021 11:10 AM
‎02-10-2021 11:10 AM
I am having a challenge creating a VPN user that can connect to VLANs other than the primary/default VLAN.  MEraki MX100. It seems to be a user permission challenge.  1. As a Meraki Administrator, a user account within Meraki (no radius or GP), can initiate a Windows Client Meraki VPN access and connect to other VLANs.  2. When I create a guest account, via the VPN users in Meraki, this account can only seem to access the primary/default VLAN.  3. I have not firewall setting limiting access. I have researched and see that people are mentioning the ability to click on the secondary VLAN's or subsequent VLANs and assign them for access by VPN clients, but I do not see that option. Be assured I have spent about two hours of testing and research but cannot seem to make it work.  Ultimately, I would like to have this one specific VPN user, just have access to the VLAN (secondary VLAN) to which they need access.  Thank you so much for any help or direction you may offer. Regards, EricM ... View more
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Cookies
  • Terms of Use
© 2023 Meraki