Skip to content
Network as Code

Inbound Firewall Rules

Location in Dashboard: Security and SD-WAN >> Configure >> Firewall

Diagram

Diagram

Classes

firewall (meraki.domains.organizations.networks.appliance)

NameTypeConstraintMandatoryDefault Value
inbound_firewall_rulesClass[inbound_firewall_rules]No

inbound_firewall_rules (meraki.domains.organizations.networks.appliance.firewall)

NameTypeConstraintMandatoryDefault Value
rulesList[rules]No
syslog_default_ruleBooleantrue, falseNo

rules (meraki.domains.organizations.networks.appliance.firewall.inbound_firewall_rules)

NameTypeConstraintMandatoryDefault Value
commentStringmin: 1, max: 127No
policyChoiceallow, denyYes
protocolChoiceany, icmp, icmp6, tcp, udpYes
source_portAnyInteger[min: 0, max: 65535] or String[matches: `(?:[1-9][0-9]3[1-5][0-9]46[0-4][0-9]3
source_cidrStringRegex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$No
destination_portAnyInteger[min: 0, max: 65535] or String[matches: `(?:[1-9][0-9]3[1-5][0-9]46[0-4][0-9]3
destination_cidrStringRegex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$No
syslogBooleantrue, falseNo

Config Sample

meraki:
    domains:
      - name: EMEA
        administrator:
            name: Foo Bar
        organizations:
          - name: Dev
            networks:
              - name: Dev-main-cx-provider
                product_types:
                - appliance
                - camera
                - switch
                - wireless
                appliance:
                  firewall_inbound_firewall:
                    rules:
                      - comment: "Allow SSH"
                        policy: allow
                        protocol: tcp
                        source_port: Any
                        source_cidr: Any
                        destination_port: 22
                        destination_cidr: "192.168.1.0/24"
                    #     syslog: true
                    # syslog_default_rule: true