Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6511
Views
2
Helpful
5
Replies

Wireless firewall events

Go to solution
Wright1294
Visitor

‎01-22-2018 08:35 AM

I apologize in advance if this has been asked on another posted. I searched for a while but didn't see anything.

Is there a event log that would create events if a firewall rule setup for an SSID was blocking some traffic?

I recently had a scenario where my boss setup some firewall rules when he first created the SSID then was having an issue with some traffic not working. I removed the firewall rules and it resolved the traffic issue but I could not find a log of this traffic being blocked.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MilesMeraki
Level 8
Level 8
In response to Wright1294

‎01-22-2018 11:46 AM

You won't be able to get this information from the Event log. The only thing that springs to mind which would allow you to obtain this information would be by setting up syslog and syslog events to report on the deny rules for the MR's.

Have a read of this document for more information - https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Event_Types_and_Log_Samples

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)

View solution in original post

5 Replies 5

Go to solution
Dylan_YYC
Level 3
Level 3

‎01-22-2018 10:17 AM

have you tried looking for that client in the event log itself? Under Network-wide -> event log you can change it between your switch and AP's then filter for that client.

0 Helpful

Go to solution
Wright1294
Visitor
In response to Dylan_YYC

‎01-22-2018 10:52 AM

Yes. I should have said that sorry. I went to the network-wide event log and selected "for access points". I see events for 802.11 association/disassociation and WPA authentication/deauthentication but that's just about it. I tired looking in filter options under event type to filter out any firewall/security type events but didn't see anything that stood out as the right option in there.

0 Helpful

Go to solution
Dylan_YYC
Level 3
Level 3
In response to Wright1294

‎01-22-2018 11:41 AM

I just had a look though mine as well. i think that option is not there! Kinda leaves you in the dark. Maybe try doing a packet capture to see where they are going and what might be blocked?

0 Helpful

Go to solution
MilesMeraki
Level 8
Level 8
In response to Wright1294

‎01-22-2018 11:46 AM

You won't be able to get this information from the Event log. The only thing that springs to mind which would allow you to obtain this information would be by setting up syslog and syslog events to report on the deny rules for the MR's.

Have a read of this document for more information - https://documentation.meraki.com/zGeneral_Administration/Monitoring_and_Reporting/Syslog_Event_Types_and_Log_Samples

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)

Go to solution
Wright1294
Visitor
In response to MilesMeraki

‎01-23-2018 08:00 AM

Thanks for the info! At least I know I'm not just missing a section of the logs or something of that nature.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card