ER605 VLANS BLOCKING COMMUNICATION EACH OTHER
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hello guys!! I have created 3 vlans in different ethernet ports and works perfectly.
But how i can block communication of vlans each other.
im using omada software controller and i dont have a separete switch.only the er605 router.
i have tried ACL LAN TO LAN DENY source a vlan destination other vlan but when i ping a vlan to an other
i have success ping.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @lefterissim
Thanks for posting in our business forum.
You should search this classic setup on the official website where you can find it.
- Copy Link
- Report Inappropriate Content
well!! im owning an apologie!!! yes acl working well, i pinged a device in a vlan and request timed out.
also i noticed that didnt need a acl rule because also i cant ping the devices that are in a vlan network as would be!
strange that i ping with succes only the gateway but for me is ok!!the vlans work as would be, isolated without also an acl rule!
thanks for you pention and honestly im sorry if i insult somebody!!
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi @lefterissim
Thanks for posting in our business forum.
You should search this classic setup on the official website where you can find it.
- Copy Link
- Report Inappropriate Content
I have tried also in standalone mode but the results are the same.any vlan can ping the other.so as I understand I must buy a switch. I'm really disapoint! With Mikrotik routers you can do everything. I think is last time I buy TP-Link products.which the reason to create vlans if you can't isolate them. Thanks for your reply!!
- Copy Link
- Report Inappropriate Content
Hi @lefterissim
Thanks for posting in our business forum.
lefterissim wrote
I have tried also in standalone mode but the results are the same.any vlan can ping the other.so as I understand I must buy a switch. I'm really disapoint! With Mikrotik routers you can do everything. I think is last time I buy TP-Link products.which the reason to create vlans if you can't isolate them. Thanks for your reply!!
Hold the horses. Don't get upset before you even learn about our stuff. I don't know why people get frustrated with this device and this price tag. You don't even try to learn about this stuff and you become frustrated, if so, just return it if you play around with it and you don't like it. There is no point in making such comments as it means nothing to me. This is the place where we offer guidance and discussion.
You started this without any config or guide you've followed. This is the most basic feature and has been around for years now. I've helped with internal training before and this setup has been done by me and the students for many times. VLAN interfaces don't block until you set up the ACL. ACL is also easy and straightforward.
I don't get this issue with models ER605 V1 and ER706W-4G in my lab. So how do you configure it?
- Copy Link
- Report Inappropriate Content
Sorry!! You have a point but I'm frustrated.im looking for a solution 2 days now. I have the router in standalone mode now with out the controller software. I have created 2 vlans tagged in lan1 (bridge) and I have unttaged them in each ethernet port I have choose.works perfectly. In ACL section I have created 2 rules. Deny action protocols all direction lan to lan. For source the one network vlan and destination the other.and the second rule is the same but right versa the source and destination. Did you see something wrong?
- Copy Link
- Report Inappropriate Content
Hi @lefterissim
Thanks for posting in our business forum.
ACL is effective.
First ping is effective. Second ping is done when I removed the ACL so first two pings in the second try was not through. Third try is when it is removed.
- Copy Link
- Report Inappropriate Content
I'm doing the same thing exactly.i have success ping all time.but mine router is er605, so maybe is a firmware bug or ACL isn't effective in tha model.
- Copy Link
- Report Inappropriate Content
Hi @lefterissim
lefterissim wrote
I'm doing the same thing exactly.i have success ping all time.but mine router is er605, so maybe is a firmware bug or ACL isn't effective in tha model.
No. The system is basically the same and you are the only one who came to the forum recently reporting "ACL is not working". I would prefer this is your issue.
Then what's the IP did you ping?
You will be able to ping any VLAN interface gateway. In my example, 10.2.3.1 is pingable but not the rest of IP.
- Copy Link
- Report Inappropriate Content
Oh!!! To be honest I ping only the gateway.i will ping a device connected to vlan and I will inform you.thanks for your help.
- Copy Link
- Report Inappropriate Content
well!! im owning an apologie!!! yes acl working well, i pinged a device in a vlan and request timed out.
also i noticed that didnt need a acl rule because also i cant ping the devices that are in a vlan network as would be!
strange that i ping with succes only the gateway but for me is ok!!the vlans work as would be, isolated without also an acl rule!
thanks for you pention and honestly im sorry if i insult somebody!!
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1408
Replies: 10
Voters 0
No one has voted for it yet.