Limited in creating Switch-ACLs to more than 10 entries (... and more probs)
Hello,
ER-605 v2 @2.1.2 + OC200 v2.0 @5.11.10 + TL-SG3428X v1 @1.0.12 + TL-SX3008F v1 @1.0.5 + 2x EAP 660 HD v1 @1.1.1
Lot of Mac M1, Linux and Windows machines as clients.
Have created 8 VLANS (Management LAN included) and set up Switch ACL for deny inter vlan routing at first. -> works !
After that I created an IP-Port-Group with all VLAN Gateway IPs (/32) and Ports 80,443,8080 and 22. -> works !
Now I´m trying to set an Switch ACL rule to block every VLAN from accessing VLAN Gateway IP Ports created above and get the following error message showing above screenshot picture.
Same if I first created 8 non inter-vlan-routing rules, set up IP-Port-Group -> works. But if I will set the Switch ACL rule, getting the same error message.
Fired up my old Opnsense till there´s an solution from TP-Link rising up Switch ACL rules above 10 and more.
This is an unsatisfactory Omada feature among many other problems (*1) in this system predominantly with the routers.
The switches and access points run without problems incl. Omada controller, but the routers and limited setting options in the system..... still have a lot of room for improvement.
The firewall settings are not acceptable to me in this form, especially due to the limitation !
@TP-Link: is there an solution to fix with priorization for Switch ACL problem and inter-vlan-routing speed ?
other problems *1:
- Omada GUI and Safari very slow
- no local DHCP-DNS registration for clients to resolve localy
- solution for GeoIP or Spamhaus DROP in FW-Rules
- inter-vlan-routing in 10G VLANs are capped @1G speed (tested with iperf3 between Linux, Macs, Windows underneath each other too)
- ACL´s are capped i think to 10 in my case
- and still some more smaller ones