Search This Blog

Sunday, June 15, 2014

Cisco ZBFW policy for Meraki M-Tunnel

This is my ZBFW policy I have configured for Meraki MR18 access point to connect to Meraki cloud (using protocol called M-Tunnel):

ip access-list standard ACL_MERAKI_MR18
 permit <AP_IP_ADDRESS>
ip access-list extended ACL_M-TUNNEL_PROTO
 permit udp any any eq 7351
 permit tcp any any eq 7734
 permit tcp any any eq 7752
 permit udp any any eq 9350
 permit udp any any range 32768 61000
class-map type inspect match-any CM_M-TUNNEL
 match protocol http
 match protocol https
 match protocol ntp
 match protocol dns
 match access-group name ACL_M-TUNNEL_PROTO
class-map type inspect match-all CM_MREAKI_MR18
 match access-group name ACL_MERAKI_MR18
 match class-map CM_M-TUNNEL
policy-map type inspect PM_INSIDE_TO_OUTSIDE
 class type inspect CM_MREAKI_MR18


No comments:

Post a Comment