Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 6910 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to allow access for Meraki MDM solution, *.meraki.com?

cramey925
I'm obviously not that versed in firewalls and especially Sophos products.  I am the admin for a small school district and I am trying to implement a iPad MDM solution, but part of that is allowing them to access a certain website.  I tried adding *.meraki.com to the firewall rules, but that's not enough apparently because it's still not working.

We use the Sophos UTM 9 appliance running version 9.107-33.

Thanks in advance for the help!


This thread was automatically locked due to age.
Parents
  • 0
    Ug, this is such a headache!

    So I realized that I was having this testing ipad go through our open wireless.  So I changed it to where it was supposed to be and now it's not working again.

    Looking at the logs, I do see it blocking what appears to be Apple IPs.  I have a rule that allows all traffic going to apple.com, but that's not enough apparently.  This what my logs show, any ideas on this one??

    09:46:55 Default DROP TCP
    10.60.8.32 : 49166

    17.174.14.5 : 443
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:46:59 Default DROP TCP
    10.60.8.32 : 49166

    17.174.14.5 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49155

    17.172.232.149 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49159

    17.172.232.109 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49158

    17.172.232.99 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49157

    17.172.232.203 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49161

    17.172.232.208 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49160

    17.172.232.126 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49163

    17.172.232.212 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49162

    17.172.232.210 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
Reply
  • 0
    Ug, this is such a headache!

    So I realized that I was having this testing ipad go through our open wireless.  So I changed it to where it was supposed to be and now it's not working again.

    Looking at the logs, I do see it blocking what appears to be Apple IPs.  I have a rule that allows all traffic going to apple.com, but that's not enough apparently.  This what my logs show, any ideas on this one??

    09:46:55 Default DROP TCP
    10.60.8.32 : 49166

    17.174.14.5 : 443
    [SYN] len=64 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:46:59 Default DROP TCP
    10.60.8.32 : 49166

    17.174.14.5 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49155

    17.172.232.149 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49159

    17.172.232.109 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49158

    17.172.232.99 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49157

    17.172.232.203 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49161

    17.172.232.208 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49160

    17.172.232.126 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49163

    17.172.232.212 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
    09:47:03 Default DROP TCP
    10.60.8.32 : 49162

    17.172.232.210 : 443
    [SYN] len=48 ttl=61 tos=0x00 srcmac=a4:4c:11:66:3b:c0 dstmac=0:1a:8c:18:53:2
Children
No Data