What apps and services are used for Meraki Cloud?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

What apps and services are used for Meraki Cloud?

L3 Networker

I can't seem to get the policy right for my Meraki APs to check in with the meraki cloud. I have allowed DNS, Ping, Meraki-cloud-controller using any port and allowed to *.meraki.com and *.opendns.com. Still see stuff hit my deny. Anyone know the correct combo for a policy?

2 REPLIES 2

Cyber Elite
Cyber Elite

@Stevenjwilliams83,

Meraki will need a static NAT statement so that it doesn't hit any sort of DIPP nat statement; you need that source port to stay the same. 

 

As for the apps that will actually hit the traffic you'll need to actually monitor that Deny policy and really see what's actually being hit. Generally what I will do is simply not limit the application and allow the destination networks mentioned HERE so that any application updates don't break connectivity to the Meraki cloud. 


@BPry wrote:

@Stevenjwilliams83,

Meraki will need a static NAT statement so that it doesn't hit any sort of DIPP nat statement; you need that source port to stay the same. 


I can confirm, DIPP will break your MX's connection to the portal.  As to security policies, we have one outbound rule for the meraki-cloud-controller app and another outbound rule for "any" app on UDP ports 32768-61000 in order to make our hubs work. (Your particular configuration/needs may vary from ours.)

  • 3992 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!