Tuesday, October 22, 2019

Non-Meraki VPN peer inbound firewall rules don't work

Just an FYI in case you were expecting a feature that is on the dashboard to actually do something.

The section labelled "Site-to-site inbound firewall" would be perfectly suited to applying ACLs to inbound VPN traffic. For example, if you have to build an IPSec tunnel to a 3rd party and don't want to completely pull your pants down, you might want to apply an ACL against this traffic.

The section is there, but it doesn't work. You can add rules and save them, but when you navigate away from the page they're just gone.

Meraki TAC says the feature is on the dashboard by mistake.

My coworker says this is my fault, and I should have used the Make a Wish button to submit "remove all settings and fields that don't work and are there by mistake".

Edit: to their credit this broken behavior is actually documented: https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Firewall_Rule_Behavior#Note_-_Inbound_Firewall_Rules
