Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5198
Views
9
Helpful
10
Replies

Meraki Group Policy L3 API Question

rodney2
Community Member

‎06-02-2025 07:15 PM

Hi everyone,

I’m working on a script that needs to add L3 firewall rules under a group policy, and I’m wondering if there’s any support for including a `source` field in the request payload. I couldn’t find any mention of this in the official documentation, but I’m curious if it’s supported unofficially or possibly planned for a future release.

According to the documentation, the schema for `L3FirewallRules` is as follows:

- `L3FirewallRules`: `object[]`
An ordered array of the L3 firewall rules
- `comment`: `string` — Description of the rule (optional)
- `destCidr*`: `string` — Destination IP address (IP, CIDR, FQDN, or 'any')
- `destPort`: `string` — Destination port (1–65535, range, or 'any')
- `policy*`: `string` — 'allow' or 'deny'
- `protocol*`: `string` — 'tcp', 'udp', 'icmp', 'icmp6', or 'any'

As you can see, there’s no mention of a `source` field. Has anyone tried including it anyway, or received clarification from the dev team?

Any insights would be greatly appreciated!

Thanks in advance!
Labels:
0 Helpful
10 Replies 10

Raphael_L
Meraki Community All-Star
Meraki Community All-Star

‎06-02-2025 08:08 PM

Hi ,

You can't add sources to the group policies since they are already applied to a source ( either a client / vlan ).


You have the same behavior directly on the dashboard.

rodney2
Community Member
In response to Raphael_L

‎06-02-2025 10:48 PM

But why in this screenshot(captured from the dashboard). It allows to define the source as well.

image.png

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to rodney2

‎06-03-2025 03:56 AM

Where did you get this screenshot from? From the internet or from your dashboard?

I agree with Raphael on this one, as far as I know it is not possible to specify the source.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Rasmus Hoffmann Birkelund
Meraki Community All-Star
Meraki Community All-Star
In response to rodney2

‎06-03-2025 03:58 AM

Where do you have that screenshot from, because there's no source field on my lab network.

image.png

#########
LinkedIn ::: https://blog.rhbirkelund.dk/
Like what you see? - Mark as helpful ## Did it answer your question? - Mark it as a Solution 🙂
All code examples are provided as is. Responsibility for Code execution is solely your own.
0 Helpful

matt_uc
Level 6
Level 6
In response to rodney2

‎06-03-2025 09:03 AM

The Source field is only available if you are using AD integration, per Meraki documentation.

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying_Group_Policies

Note: Source IP addresses on layer 3 firewall rules are only configurable on WAN Appliance when active directory integration is enabled.

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to rodney2

‎06-03-2025 09:16 AM

@matt_ucis right, I just tested it.

image.png

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

rodney2
Community Member
In response to aleabrahao

‎06-03-2025 06:35 PM

Yes, it is available when AD integration is enabled, just as @matt_uc mentioned. By the way, is this something that can also be done via the API?

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to rodney2

‎06-04-2025 02:42 AM

Unfortunately not.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Helpful

rodney2
Community Member
In response to aleabrahao

‎06-04-2025 09:40 PM

Okay, thanks for the help!

0 Helpful

MilenaVens
Community Member

‎02-25-2026 04:48 AM

@rodney2 wrote:
Hi everyone,

I’m working on a script that needs to add L3 firewall rules under a group policy, and I’m wondering if there’s any support for including a `source` field in the request payload. I couldn’t find any mention of this in the official documentation, but I’m curious if it’s supported unofficially or possibly planned for a future release.

According to for example, https://fast-pay.casinologin.mobi/ the schema for `L3FirewallRules` is as follows: and gain bonusses in cas

- `L3FirewallRules`: `object[]`
An ordered array of the L3 firewall rules
- `comment`: `string` — Description of the rule (optional)
- `destCidr*`: `string` — Destination IP address (IP, CIDR, FQDN, or 'any')
- `destPort`: `string` — Destination port (1–65535, range, or 'any')
- `policy*`: `string` — 'allow' or 'deny'
- `protocol*`: `string` — 'tcp', 'udp', 'icmp', 'icmp6', or 'any'

As you can see, there’s no mention of a `source` field. Has anyone tried including it anyway, or received clarification from the dev team?

Any insights would be greatly appreciated!

Thanks in advance!


Hey! I get what you're trying to do, and yeah, it’s a bit tricky when the documentation doesn’t cover something explicitly. If source isn’t listed in the schema for L3FirewallRules, it’s likely not officially supported. That said, some APIs do have undocumented or beta features, so it could be worth reaching out to the support team or checking for future release notes. If you're feeling adventurous, try testing with the field and see if the system accepts it. Fingers crossed it works!

0 Helpful
Customers Also Viewed These Support Documents