Firewall and Traffic Shaping

For more information on Cisco Meraki including product information, please refer to our main site.

Most questions can be answered by referring to our documentation, but if further assistance is needed, Cisco Meraki is ready to work with you.

In the Meraki community, you can follow up-to-date news, find answers from Meraki colleagues, and ask your own questions.

Network access control list (NACL) is a stateless firewall that runs at the subnet level. This is an optional security layer that acts as a firewall to control traffic to and from the subnet. The best practice is to configure NACL using rules similar to security groups and to add a layer of security to the VPC environment. Currently, we only offer VPC endpoints to Amazon S3. When a VPC endpoint is created, a default route is added to the route table specified during creation of the endpoint. This default route accepts all S3 requests and automatically routes to the S3 bucket in the same region as the VPC. All external zone S3 requests are routed through NAT instances, Internet gateways, or other routes specified for Internet access.

To add a traffic shaping rule, click Create New Rule. As with custom firewall rules, traffic shaping policies consist of a set of rules that are executed in the order they appear in the policy. Each rule has two main elements. The type of traffic (rule definition) that is restricted or formed and how traffic is restricted or formed (rule operation). Bandwidth limits can be specified to comply with specified restrictions, or to impose stricter restrictions than network restrictions, because they ignore specified limits for the entire network. Use the Bandwidth Slider control to select the appropriate limit for each traffic type. To specify upload and download asymmetric limits, click the details next to the Bandwidth slider control