Location in Dashboard: Security and SD-WAN >> Configure >> Site-to-site VPN >> Site-to-site outbound firewall
Diagram
Classes
appliance (meraki.domains.organizations)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
vpn_firewall_rules | Class | [vpn_firewall_rules] | No | |
vpn_firewall_rules (meraki.domains.organizations.appliance)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
rules | List | [rules] | No | |
syslog_default_rule | Boolean | true , false | No | |
rules (meraki.domains.organizations.appliance.vpn_firewall_rules)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
comment | String | min: 1 , max: 127 | No | |
policy | Choice | allow , deny | Yes | |
protocol | Choice | any , icmp , icmp6 , tcp , udp | Yes | |
source_port | Any | Integer[min: 0 , max: 65535 ] or String[matches: `(?:[1-9][0-9]3 | [1-5][0-9]4 | 6[0-4][0-9]3 |
source_cidr | String | Regex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$ | No | |
destination_port | Any | Integer[min: 0 , max: 65535 ] or String[matches: `(?:[1-9][0-9]3 | [1-5][0-9]4 | 6[0-4][0-9]3 |
destination_cidr | String | Regex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$ | No | |
syslog | Boolean | true , false | No | |
Config Sample
source_cidr: "192.168.1.0/24"
# The CIDR Object must be created in Policy Objects in order to be applied.
destination_cidr: "10.0.0.0/24"
- comment: "Deny all UDP"
- comment: "Deny all TCP"
syslog_default_rule: true
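An added example, not part of the original page or the project's own tooling: a Python pre-deployment check of one `rules` entry against the constraints in the rules table above. The function name `validate_rule` and the sample rules are constructed for illustration; string port values are left unchecked because their pattern is cut off in the table.

```python
import ipaddress
import re

# CIDR pattern copied from the source_cidr / destination_cidr rows above.
CIDR_RE = re.compile(
    r"^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)"
    r"(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$"
)
CHOICES = {"policy": {"allow", "deny"},
           "protocol": {"any", "icmp", "icmp6", "tcp", "udp"}}

# Constructed sample rules: field names from the tables, values made up.
SAMPLE_RULES = [
    {"comment": "Allow HTTPS", "policy": "allow", "protocol": "tcp",
     "source_cidr": "192.168.1.0/24", "destination_cidr": "10.0.0.0/24",
     "destination_port": 443},
    {"comment": "Deny all UDP", "policy": "deny", "protocol": "udp",
     "source_cidr": "10.0.0.999/24"},
    {"comment": "", "policy": "drop", "destination_port": 70000},
]


def validate_rule(rule):
    """Return the list of constraint violations for one entry of `rules`."""
    errors = []
    for key, allowed in CHOICES.items():  # both fields are mandatory
        if key not in rule:
            errors.append(f"{key}: mandatory field missing")
        elif rule[key] not in allowed:
            errors.append(f"{key}: {rule[key]!r} not in {sorted(allowed)}")
    comment = rule.get("comment")
    if comment is not None and not 1 <= len(comment) <= 127:
        errors.append("comment: length must be 1..127")
    for key in ("source_port", "destination_port"):
        port = rule.get(key)
        # String ports are not checked: their pattern is truncated in the table.
        if type(port) is int and not 0 <= port <= 65535:
            errors.append(f"{key}: {port} outside 0..65535")
    for key in ("source_cidr", "destination_cidr"):
        value = rule.get(key, "any")  # absent field: nothing to check
        if not isinstance(value, str) or not CIDR_RE.match(value):
            errors.append(f"{key}: {value!r} does not match the schema regex")
            continue
        # The regex admits octets up to 999 and prefixes up to /99, so parse too.
        for item in value.split(","):
            if item.lower() == "any":
                continue
            try:
                ipaddress.ip_network(item, strict=False)
            except ValueError:
                errors.append(f"{key}: {item!r} matches the regex but is not valid IPv4")
    return errors
```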