Firewall Settings Configuration

Dashboard Location: Security and SD-WAN > Configure > Firewall > Settings

Firewall settings configuration in Meraki appliances provides essential network security protections including IP source address spoofing protection, MAC address spoofing protection, and other fundamental security controls. This functionality helps prevent network attacks, unauthorized access attempts, and malicious traffic by implementing source validation and network integrity checks. Firewall settings are critical for maintaining network security, preventing spoofing attacks, and ensuring legitimate traffic flow while blocking potentially harmful or suspicious network activities.

Example-1: The example below demonstrates firewall settings configuration.

This configuration manages global firewall behavior and security parameters. The example includes spoofing protection, SYN flood protection, and firewall policy settings for comprehensive network security and threat mitigation.

This configuration enables IP source address spoofing protection using “settings_spoofing_protection_ip_source_guard_mode: block” which prevents clients from sending traffic with forged source IP addresses. The “block” mode actively drops packets with invalid source IPs, protecting against IP spoofing attacks and ensuring network integrity.

meraki:
  domains:
    - name: !env domain
      administrator:
        name: !env org_admin
      organizations:
        - name: !env org
          networks:
            - name: !env network_name
              product_types:
                - appliance
                - switch
                - wireless
                - camera
                - sensor
                - cellularGateway
              appliance:
                firewall:
                  settings_spoofing_protection_ip_source_guard_mode: block