• Home
  • /
  • Blog
  • /
  • 10 Meraki MX Configuration Mistakes
Meraki MX Configuration Mistakes
Meraki Dashboard Meraki MX Configuration Mistakes

Meraki MX Firewalls are an excellent choice for nonprofits looking to reduce IT costs and save internal resources. They offer advanced security features, cloud-based management, and easy deployment. However, it's essential to configure the Meraki MX Firewall correctly to ensure optimal performance and security. In this blog post, we will cover IT people's common configuration mistakes when setting up and configuring Meraki MX firewalls and how nonprofits can fix them.

1. Not Configuring the WAN Interface Correctly

One of the most common configuration mistakes is incorrectly configuring the WAN interface. This can cause issues with Internet connectivity and prevent the firewall from functioning correctly. Nonprofits should ensure the WAN interface is configured with the correct IP address, subnet mask, gateway, and DNS servers.

To configure the WAN interface, navigate to the "Security & SD-WAN " tab, and select "Appliance Status". 

Then click on the "Uplink" tab. The WAN interface can be configured by selecting the edit (pencil) button to the right of the WAN section. Once the pencil is selected, the interface can be configured for DHCP to obtain an IP address dynamically or for a static IP to configure the IP address manually.

MX Configuration Menu
10 Meraki MX Configuration Mistakes MX Uplink Menu

Nonprofits can set the IP address, subnet mask, gateway, and DNS servers.

After configuring the WAN settings, test the connectivity to ensure everything is working as expected. Use tools like ping tests and traceroutes to diagnose and troubleshoot any issues.

2. Not Configuring VPN Correctly

Misconfiguring VPN settings can cause issues with remote access and site-to-site connectivity. To fix this, nonprofits should ensure the VPN configuration is correct, including the authentication method, encryption, and subnet settings. Additionally, they should ensure that the firewall rules are configured correctly to allow VPN traffic.

To configure VPN settings, navigate to the "Security appliance" tab, select "VPN," and click on the "Site-to-site VPN" or "Client VPN" tab. Here, nonprofits can configure the VPN settings and the firewall rules to allow VPN traffic.


MX VPN Config Menu

3. Not Updating Firmware

Failure to update the firmware can lead to security vulnerabilities, bugs, and other issues. Keeping the firmware up to date is crucial to ensure the firewall runs smoothly. Navigate to the "Security appliance" tab, select "Appliance status," and check for available firmware updates. They should then apply the updates as necessary.

The process is the same for the wireless access points and the switches.

Set Location For Device Menu
10 Meraki MX ConfigSet Location For Device Menu Access Points Switches

4. Misconfiguring Firewall Rules

Misconfigured firewall rules can result in either allowing too much or too little traffic. You should review the firewall rules and ensure they are configured correctly to allow the necessary traffic to pass through and block any unwanted traffic.

To configure layer 3 and layer 7 firewall rules, navigate to the "Security appliance" tab, select "Firewall," and click on the "Configure firewall" button. Here, nonprofits can create, modify, and delete firewall rules.

Firewall Config Menu

5. Not Configuring Content Filtering

Content filtering can help prevent users from accessing harmful or inappropriate content. Not configuring this can expose the network to potential security risks. To fix this, nonprofits should enable and configure content filtering to block access to unwanted content.

To configure content filtering, navigate to the "Security & SD-WAN" tab, and select "Content filtering, " From this page, you can check content and threat categories and perform category blocking, URL filtering, and search filtering. Nonprofits can enable content filtering and configure the settings to block unwanted content.

Content Filter Menu
10 Meraki MX Configuration Mistakes Content Filtering Content Menu

6. Not Using VLANs Correctly

VLANs can be used to separate network traffic and improve security. Not using them correctly can result in security issues and network performance problems. Nonprofits must create VLANs and configure them correctly to ensure that traffic is separated as intended.

To configure VLANs, navigate to the "Security & SD-WAN" tab, select "Addressing & VLANs," and click on the "VLANs" tab. Here, nonprofits can create VLANs and configure them to separate network traffic.

10 Meraki MX Configuration Mistakes Config Vlan Menu

7. Misconfiguring NAT Rules

10 Meraki MX Configuration Mistakes Forwarding Nat rules Menu

Misconfigured NAT rules can cause issues with inbound and outbound traffic. To fix this, nonprofits should review the NAT rules and ensure they are configured correctly to allow the necessary traffic to pass through the firewall.

To configure NAT rules, navigate to the "Security & SD-WAN" tab, and select "Firewall, " Under "Forwarding rules," you should see the 1:1 NAT rules section. Here, nonprofits can create, modify, and delete NAT rules.

8. Not Enabling Intrusion Prevention

Intrusion prevention can help prevent attacks and other security risks from penetrating the network. Not enabling this feature can leave the network vulnerable to potential threats. It's crucial to enable intrusion prevention and configure it to best fit the organization's security needs.

To enable intrusion prevention, navigate to the "Security & SD-WAN" tab and select "Threat protection, " Here, nonprofits can enable intrusion prevention and configure the settings to fit their security needs.

10 Meraki MX Configuration Mistakes Threat Protection Menu

9. Not Configuring SNMP Settings

10 Meraki MX Configuration Mistakes SNMP Configuration Menu

SNMP (Simple Network Management Protocol) monitors network devices and traffic. SNMP also allows network administrators to query devices for various information. Not configuring SNMP settings can make monitoring the firewall and diagnosing potential issues difficult. Nonprofits should enable SNMP and configure the settings as needed for monitoring purposes.

To configure SNMP settings, navigate to the "Organization" and "Organization settings tabs". Here, nonprofits can enable SNMP and configure the settings for monitoring purposes.

10. Not Configuring Link Aggregation

Link aggregation can be used to improve network performance and redundancy. Not configuring this feature can result in a bottleneck and network downtime in the event of a link failure. To fix this, you should configure link aggregation and ensure it functions properly.

To configure link aggregation, navigate to the "Switching"- "Monitor" – "Switch ports" tab, select any two ports, and click on the "Aggregate" tab. Here, nonprofits can configure link aggregation and ensure it functions properly.

10 Meraki MX Configuration Mistakes Config Link Aggregation Menu

Meraki MX Configuration Mistakes Conclusion

In conclusion, following these steps, nonprofits can avoid common configuration mistakes when setting up and configuring Meraki MX firewalls. By doing so, they can ensure their network is secure and functioning optimally.

Telecom4Good has certified Meraki engineers on staff to support our nonprofit clients with set up and configuration to ensure their Cisco Meraki networks are optimized for their operations. This support is at no cost to our clients. Please schedule a call or email us at meraki-support@telecom4good.org to learn more.


Telecom4Good Commitment

To help nonprofits access technology that positions them to further their mission and serve others with confidence

see a world where technology is used to impact the lives of others.

To see all nonprofits have technology that advances the causes they care about

Telecom4Good understands your desire to care for others. As a nonprofit ourselves, our team knows firsthand how the right technology advances your mission.

That’s why we set out to ensure all nonprofits get the solutions they need to improve efficiencies while empowering their organization. We believe all nonprofits deserve access to systems and networks that won’t hold them back but instead allow them to maximize their efforts.

You May also like

Cisco Meraki Updates for Nonprofits, Navigating Cisco Meraki Updates: A Comprehensive Guide for Nonprofits

Plan and Execute a Successful Technology Project for Your Nonprofit

Cisco Meraki Updates for Nonprofits, Navigating Cisco Meraki Updates: A Comprehensive Guide for Nonprofits

A Guide to the Video Conferencing Tools Your Nonprofit Can Access

Cisco Meraki Updates for Nonprofits, Navigating Cisco Meraki Updates: A Comprehensive Guide for Nonprofits

Embracing New Tech to Drive Nonprofit Impact

Cisco Meraki Updates for Nonprofits, Navigating Cisco Meraki Updates: A Comprehensive Guide for Nonprofits

Should Your Nonprofit Consider All-in-One Software?

About the author