Our Cisco Meraki MX security appliance is behind RUT 950 4G and shows "NAT type: Unfriendly. This security appliance is behind a VPN-unfriendly NAT, which can be caused by upstream load balancers or strict firewall rules.". Unfriendly indicates that the upstream NAT won't allow the MX to use UDP hole punching to form the tunnel.
According to Cisco Meraki support, it needs a firewall upstream ports opening UDP ports 7351, 9350-9381, along with UDP 32768 - 61000. Destination IPs: 64.62.142.12/32, 158.115.128.0/19, 209.206.48.0/20, 216.157.128.0/20
Would you, please, advise how to properly configure RUN950 to allow those ports to destination internet Meraki.
Thanks in advance,
Yuriy