Firewalled Services Configuration
Dashboard Location: Security and SD-WAN > Configure > Firewall > Firewalled services
Network Service Access Control
Section titled “Network Service Access Control”Firewalled services configuration in Meraki appliances provides granular access control for built-in network services and protocols, enabling administrators to define security policies for essential network functions such as ICMP, web management, SNMP, and SSH access. This functionality supports flexible access control with unrestricted, restricted (IP-based), or blocked access modes for each service, ensuring that critical network services are protected while maintaining operational requirements. Firewalled services are essential for securing appliance management interfaces, controlling diagnostic protocols, and implementing defense-in-depth security strategies.
Diagram
Section titled “Diagram”Classes
Section titled “Classes”firewall (meraki.domains.organizations.networks.appliance)
Section titled “firewall (meraki.domains.organizations.networks.appliance)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
firewalled_services | List | [firewalled_services] | No |
firewalled_services (meraki.domains.organizations.networks.appliance.firewall)
Section titled “firewalled_services (meraki.domains.organizations.networks.appliance.firewall)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
service_name | String | min: 1 , max: 127 | Yes | |
access | Choice | blocked , restricted , unrestricted | Yes | |
allowed_ips | List | Any[IP or String[matches: [Aa]ny ]] | No |
Examples
Section titled “Examples”Example-1: The example below demonstrates firewalled services configuration using tested YAML configuration from pipeline fixtures.
meraki: domains: - name: "!env domain" administrator: name: "!env org_admin" organizations: - name: "!env org" networks: - name: "!env network_name" product_types: - appliance - switch - wireless - camera - sensor - cellularGateway appliance: firewall: firewalled_services: - service_name: "ICMP" access: "blocked" - service_name: "web" access: "restricted" allowed_ips: - "2.2.2.2" - "3.3.3.3" - service_name: "SNMP" access: "unrestricted"