Home > Wireless LAN > Firewall and Traffic Shaping > All VLANS can ping the Cisco Meraki AP's LAN Interface

All VLANS can ping the Cisco Meraki AP's LAN Interface

Table of contents
No headers
By design, all devices connecting through a Meraki AP can ping the AP's Management Interface, even if they are on different VLANs.

This can be disconcerting when administrators expect ICMP traffic to be denied by their Inter-VLAN routing rules.

For example, a computer connected to a Guest SSID on 172.16.1.2 will be able to ping and AP with an IP address of 10.1.10.1, even if there are Deny Permissions set on the upstream router.

See Diagram:

fb619762-f460-4397-8c9f-ada589c42e7a

All other communication will follow the rules of the Inter-VLAN router.

For additional security, you can set the My.Meraki.com password by following this Knowledge Base Article:

Change My.meraki.com and Wired.meraki.com password

You must to post a comment.
Last modified
22:30, 2 Feb 2015

Tags

Classifications

This page has no classifications.

Article ID

ID: 1666

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community