Can I limit type of traffic over VPN (HTTP/S)

2023-11-24 05:42:38 - last edited 2023-11-30 06:53:00
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.1.2

Is it possible to limit the types of traffic/ports that can traverse a site-to-site VPN?  My main aim is to limit the possibility of a network vulnerability traversing between sites.  I think all my clients need from other sites is HTTP/HTTPS based but is it possible to restrict VPN traffic to HTTP/HTTPS?

1 Accepted Solution
Re: Can I limit type of traffic over VPN (HTTP/S) - Solution
2023-11-27 02:10:21 - last edited 2023-11-30 06:53:00

Hi @PaulSloman 

Thanks for posting in our business forum.

ACL should apply to the IPsec subnets as well. Since this is an IP-Port-based ACL, try the SW ACL first. GW ACL currently does not support the IP-Port-based rule. This will be added in future firmware updates.

 

(SW ACL requires an Omada compatible switch).

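One way to confirm that the switch ACL suggested in the reply above really limits cross-site traffic to HTTP/HTTPS, as an added example that is not part of the original thread or any TP-Link tooling: run it from a client at one site against a host you administer at the other site. The port list, the function names and the assumption that the ACL drops denied packets silently are illustrative.

```python
#!/usr/bin/env python3
"""Check, from a client at one site, which TCP ports on a host at the other
site are reachable across the site-to-site VPN."""
import socket
import sys

ALLOWED_PORTS = {80, 443}                # policy from the question: HTTP/HTTPS only
SAMPLE_PORTS = [22, 80, 443, 445, 3389]  # constructed sample; adjust to your services


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed
    except ConnectionRefusedError:
        return "closed"          # RST came back, so the SYN crossed the tunnel
    except OSError:
        return "filtered"        # timeout or unreachable: dropped on the path


def audit(host, ports, allowed=ALLOWED_PORTS, timeout=2.0):
    """Return (port, state, verdict) for each port.

    Assumption: the ACL drops denied packets silently, so any answer on a
    non-allowed port (even a refusal) means the ACL let the packet through.
    """
    findings = []
    for port in ports:
        state = probe(host, port, timeout)
        if port in allowed:
            verdict = "allowed-port-blocked" if state == "filtered" else "ok"
        else:
            verdict = "ok" if state == "filtered" else "acl-leak"
        findings.append((port, state, verdict))
    return findings


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: vpn_acl_check.py <host-at-remote-site>")
    results = audit(sys.argv[1], SAMPLE_PORTS)
    for port, state, verdict in results:
        print(f"{port:>5}/tcp  {state:<8}  {verdict}")
    sys.exit(1 if any(v != "ok" for _, _, v in results) else 0)
```

A non-zero exit status means at least one port did not match the policy, which makes the script usable as a recurring check after ACL or firmware changes.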
