Restricting internet access for OC200

2023-03-13 15:02:14
Tags: #Omada SDN

Hi all,

Due to supply chain issues we were forced to deviate from our network standard.

Since I was already familiar with TP-Link Omada, I suggested that, for the time being, as a temporary solution we'd implement an OC200 together with some EAP245s.

I got a request from our networking department for restricting the OC200's connection to the internet.

Which makes sense, because if the appliance gets compromised you don't want it to go all over the internet or compromise other network equipment.

Which CIDR address spaces or domains do I need to whitelist in our firewall for the OC200 to still be able to fetch firmware updates and maintain manageability over the internet?
Re:Restricting internet access for OC200
2023-03-13 18:34:02

  @BartvdbB 

 

Why not just completely isolate the OC200 from the internet with Policy Routes, and then use NAT port-forwards from the router's WAN to allow for remote management? Firmware updates can be done manually through the web UI (not that they happen frequently) if desired.

<< Seeking a new reason to stick around... >>
Re:Restricting internet access for OC200
2023-03-14 07:54:20

  @d0ugmac1 that is almost exactly what we intended to achieve.

 
