Introduction
The Firewall page allows you to add rules and controls to your network - either for the entire site (General tab) or per wireless network (SSID)
The 'rules' table allows you to block application access. See [here] for more details.
The 'Traffic Shaping Rules' table allows you to prioritise particular applications over others, and control bandwidth limits. See [here] for more details.
General
Rules under the General tab apply to the entire site network. The general tab is only visible to users that have a compatible security appliance (e.g. MX or Z3).
To manage general rules and controls:
- Login to your account
- Select the desired site from the top right hand site selection menu
- Select 'Firewall' from the left hand navigation menu
- Select the 'General' tab (your dashboard will not show a tab menu if there is only a single network to control)
See the rules documentation and the traffic shaping rules documentation on how to manage them for your network.
Wireless Networks
If you have one or more wireless networks configured (e.g. Guest WiFi) then you may have controls available for each network. Rules applied to a particular wireless network only affect that network. Wireless network controls are only available to sites with Meraki wireless access points (MRs).
To manage rules and controls for a specific wireless network:
- Login to you account
- Select the desired site from the top right hand site selection menu
- Select 'Firewall' from the left hand navigation menu
- Select the desired wireless network tab (your dashboard will not show a tab menu if there is only a single network to control)
See the rules documentation and the traffic shaping rules documentation on how to manage them for your network.
Block adult content
Some wireless networks have the capability to block adult content (for technical users, this is if the network is in NAT mode). If available, this can be toggled on/off in the relevant wireless network tab:
See the Meraki documentation for more information.
Rules
The rules table allows you to block particular applications (e.g. "Facebook") or categories of applications (e.g. "Social web & photo sharing") on your network.
If your site has a compatible security appliance (e.g. MX or Z3), then you can configure rules for your entire network, this is under the "General" tab on the "Firewall" page if you have tabs visible in that page.
If your site has compatible wireless access points (e.g. MRs), then you can configure rules for each wireless network - this will be shown as separate tabs on the "Firewall" page.
Adding a rule
- Click the "Add" button on the top right hand of the table
- Select the application category, e.g. "Gaming"
- You can optionally select a specific application, e.g. "Steam"
- Click "OK"
Editing rules
- Find the relevant rule in the table
- Click the 'edit' button on the right hand side of the row
- Update the details (see the 'Adding rules' above for more information).
Removing a rule
- Find the relevant rule in the table
- Click the red rubbish icon on the right hand side of the row
- Select "yes" to confirm the deletion.
Traffic Shaping Rules
The traffic shaping rules table allows you to control the bandwidth (how much data per second) particular applications (e.g. "Facebook") or categories of applications (e.g. "Social web & photo sharing") on your network.
If your site has a compatible security appliance (e.g. MX or Z3), then you can configure rules for your entire network, this is under the "General" tab on the "Firewall" page if you have tabs visible in that page. The security appliance also allows controlling "Priority" (e.g. by default, video chats have high priority, and will cause downloads to slow down).
If your site has compatible wireless access points (e.g. MRs), then you can configure rules for each wireless network - this will be shown as separate tabs on the "Firewall" page.
Adding rules
- Click the 'Add' button on the top right side of the table
- You can add multiple application categories and applications
- Select the application category (e.g. "File sharing")
- Optionally select the application (e.g. "Dropbox")
- Click "Add"
- Optionally add another entry.
- Select the bandwidth control
- "Unlimited" means no controls are in place
- "Network default" is the default
- "Custom" allow you to specify specific download and upload kilo-bits per second.
- If available, you can select priority
Editing rules
- Find the relevant rule in the table
- Click the 'edit' button on the right hand side of the row
- Update the details (see the 'Adding rules' above for more information).
Removing rules
- Find the relevant rule in the table
- Click the red rubbish icon on the right hand side of the row
- Select "yes" to confirm the deletion.