Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Greetings, I am receiving alarms from the border FW (Stormshield SN) to inform that packets coming from the meraki MX (used as internal FW, with Advanced Security License) are blocked because of CVE-2016-7189 vulnerability in MS Edge. The Meraki is p...
Hello,I have a configuration question prior to implementation : I have several IPs (let's say 1.1.1.52/29) and I would like to map several uplinks on each of the available IPs and be able to do port forwarding to internal hosts (which are in differen...
Greetings, I'm getting a very large amount (sometime 10 or 15 per seconds) of %ASA-4-106023 warnings in the realtime syslog console of a 5506 ASA.%ASA-4-106023: Deny icmp(or UDP) src Outside:X dst Inside: Y Where sources are always different publics...
Greetings.I'm having this topology question. One of my customers is changing ISP and getting a new edge router which cannot be configured in bridged mode. Behind it, I have a MX64 router which is currently configured in Routed Mode that ensures clie...
Hello,Here is a simple diagram of our network : 192.168.51.0/24 ---192.168.51.1 inside (Cisco ASA) --- Interface oustide--- Internet|192.168.51.5 ---ISP Router--- ISP network---- 10.100.0.0/16 The default gateway to outside is the ASA's inside interf...
Hi CptnCrnch.Yes, IPS is enabled and the ruleset is set to "Balanced". Actually I've checked the snort trule list, and I am not sure if there is one for this particular vulnerability. Do you think we should try with "security" ruleset even if connect...
Thank you Rahul.I was really going crazy with troubleshooting until I read your post. Same kind of situation. Connection from inside out where going through second wan interface thanks to the PBR and connections from outside in kept failing.I just ad...
Hello BB,Thanks you for your answer. Actually this hosts is alive and is opening session with the internet. But why is there so many denied udp/icmp packets ? Are they returned packets ? or is it something different ?
Hello,Thank you for yuour answer.I usually use this method with Cisco 800 routers (setting it as a DMZ host on the ISP router) but I was not sure that I could do it with the meraki since I was not sure that NAT would not be in the way.I'm quite new ...
