Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 6910 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to allow access for Meraki MDM solution, *.meraki.com?

cramey925
I'm obviously not that versed in firewalls and especially Sophos products.  I am the admin for a small school district and I am trying to implement a iPad MDM solution, but part of that is allowing them to access a certain website.  I tried adding *.meraki.com to the firewall rules, but that's not enough apparently because it's still not working.

We use the Sophos UTM 9 appliance running version 9.107-33.

Thanks in advance for the help!


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BarryG
    Hi,

    What do the logs (firewall, Intrusion Protection, Web Protection, Application Control) show?

    Barry


    The firewall log does show:
    13:12:19 Default DROP TCP
    10.60.8.91 : 50363

    17.149.36.148 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:19 Default DROP TCP
    10.60.8.91 : 50364

    17.149.36.73 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:19 Default DROP TCP
    10.60.8.91 : 50365

    17.149.32.40 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:19 Default DROP TCP
    10.60.8.91 : 50366

    17.149.32.43 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50367

    17.149.32.21 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50363

    17.149.36.148 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50368

    17.149.32.62 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50364

    17.149.36.73 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50369

    17.149.36.211 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50365

    17.149.32.40 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50370

    17.149.36.172 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:20 Default DROP TCP
    10.60.8.91 : 50366

    17.149.32.43 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    13:12:21 Default DROP TCP
    10.60.8.91 : 50367

    17.149.32.21 : 5223
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2

    The rest don't show much of anything at all related to this device.  I did open up port 5223 under Service Definitions however.  Unless I did it wrong, it should be open.