Business Community > Controllers > Inter vlan acl's
< Controllers

Inter vlan acl's

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Inter vlan acl's

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Inter vlan acl's
Inter vlan acl's
2022-06-30 00:21:12 - last edited 2022-07-01 15:14:20
Tags: #ACL
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version:

I currently added replaced a firewall/router in an existing installation with an ER605.

 

I am struggling to understand how ACLs work using the controller with multiple LAN segments.

 

There are 3 options.  Gateway ACLs, Switch ACLs and EAP ACLs.

 

I am currently not using any omada switches in this installation.  Gateway ACLs only control access to and from the WAN.  How to manage traffic between the LAN segments on the ER605 itself?

 

Thanks in advance for any advice/assistance.

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Inter vlan acl's-Solution
2022-06-30 06:49:50 - last edited 2022-07-01 15:14:20

  @Alex789 

 

There is currently no way for the controller to issue profiles on router ports, but your requirement requires switch ACLs to restrict traffic within the LAN, so if you want to use the controller you need to have a switch in your network and then issue profiles on the switch ports to implement ACLs.

 

Otherwise you will have to use the R605 under standalone, the specific FAQ is as follows.

https://www.tp-link.com/support/faq/3061/

Just striving to develop myself while helping others.
Recommended Solution
  0  
  0  
#2
Options
5 Reply
Re:Inter vlan acl's-Solution
2022-06-30 06:49:50 - last edited 2022-07-01 15:14:20

  @Alex789 

 

There is currently no way for the controller to issue profiles on router ports, but your requirement requires switch ACLs to restrict traffic within the LAN, so if you want to use the controller you need to have a switch in your network and then issue profiles on the switch ports to implement ACLs.

 

Otherwise you will have to use the R605 under standalone, the specific FAQ is as follows.

https://www.tp-link.com/support/faq/3061/

Just striving to develop myself while helping others.
Recommended Solution
  0  
  0  
#2
Options
Re:Inter vlan acl's
2022-06-30 13:46:22

  @Virgo thanks for responding!

 

Hmm..so just so I understand for future deployments, if I was to deploy omada gateway, switches and EAPs, would I have to duplicate all my acls across both EAPs and the switches?  Or do the EAPs not do any L3 or intervlan routing so the ACLs on the switch ports would be sufficient.

  0  
  0  
#3
Options
Re:Inter vlan acl's
2022-07-01 05:25:19

  @Alex789 

 

It also depends on the situation. The most classic topologies have a very detailed FAQ which you can read briefly:

https://www.tp-link.com/support/faq/3091/

Just striving to develop myself while helping others.
  0  
  0  
#4
Options
Re:Inter vlan acl's
2022-07-01 15:14:09

  @Virgo So according to that article it would not be needed to apply ACLs to the EAPs.

 

While this is good, it somewhat raises the question about what EAP ACLs are actually used for.  Restricting traffic between wireless devices on the same subnet?

  2  
  2  
#5
Options
Re:Inter vlan acl's
2022-07-04 07:24:33
Yeah, I think so.
Just striving to develop myself while helping others.
  0  
  0  
#6
Options

Information

Helpful: 0

Views: 639

Replies: 5

Tags

ACL
Related Articles
Inter-VLAN Access
499 0
Inter VLAN routing
1587 0
Specific VLAN Blocking Intra- and Inter-VLAN pings (but otherwise everything seems to function)
130 0
Inter-Vlan Routing
621 0
Inter VLAN
255 0
How to configure ACL to prevent inter VLAN communication
2199 0
About Us
Press
Copyright © TP-LINK CORPORATION PTE. LTD. All rights reserved.