Meraki Go WAP won't work with Firebox?

I have a private classroom network established with a Watchguard Firebox firewall facing the Internet connection. Last week, I connected a Meraki Go GR10 to the network. The Firebox was able to give it an IP address, and the SSID is broadcast, but devices can't connect to it and the wireless network is showing up as "offline" in the Meraki Go app. Going through the Meraki instructions online, I found this:

If a firewall is in place, it must allow outgoing connections on particular ports to particular IP addresses. The most current list of outbound ports and IP addresses for your particular organization can be found here.

Clicking that "here" link took me to a Meraki dashboard login page, but when I logged into that, I got a message referring me back to the Meraki Go app, which has no info whatsoever regarding outbound ports or IPs.

On the Firebox, I created a rule to allow all traffic from the Firebox to the GR10 and vice-versa, but that didn't help.

Obviously, I'm missing something here. Any ideas on how I can get the GR10 to work on my network?

Answers

  • From Meraki firewall info page:

    our network(s) 185.17.255.128/25, 64.62.142.12/32, 209.206.48.0/20, 216.157.128.0/20, 158.115.128.0/19 7351 UDP outbound Meraki cloud communication Access points, Cameras, MX Security Appliance, Switches

    Your network(s) Any api.meraki.com 443 TCP outbound API Requests

    Your network(s) 209.206.48.0/20, 216.157.128.0/20, 158.115.128.0/19 443 TCP outbound Meraki cloud communication Access points, Cameras, MX Security Appliance, Switches

    Your network(s) 158.115.128.0/19, 209.206.48.0/20, 216.157.128.0/20 80, 7734, 7752 TCP outbound Backup Meraki cloud communication, Backup configuration downloads, Measured throughput to dashboard.meraki.com, Backup firmware downloads Access points, Cameras, MX Security Appliance, Switches
    209.206.48.0/20, 216.157.128.0/20, 158.115.128.0/19 Your network(s) Any UDP inbound SNMP traps Access points, MX Security Appliance, Switches

    Your network(s) Any 123 UDP outbound NTP time synchronization Access points, Cameras, MX Security Appliance, Switches

  • What do you see in Traffic Monitor from the Meraki Go IP addr?

    If you have a HTTPS proxy in your config, that may be blocking this access.

    What policy type did you add to allow all traffic from the Meraki Go to the Internet?
    Did you manually set this policy to be at or near the top of your policy list?
    If not, try that.

Sign In to comment.