Router features question
HI,
in my new home, I would like to use the switch and AP devices of the TPLINK Omada series, in controller mode.
For the router/firewall, I need these features:
- set a default wan interface and a failover one (no balancing nedeed)
- allow some IPs of a vlan to access another vlan (or only some of its IPs)
- allow the dhcp server of a vlan to release only reserved IPs mapped with its own MAC addresses. So no "free IP" range
- possibility of forward dhcp requests to VPN instead of WAN using rules such as client IP
- creation of a client VPN with openvpn, with routing rules to vpn based on hostname name (eg. set rule "goo", and routes via vpn all traffic directed to hostnames containing the word "goo")
- creation of a VPN server with openvpn, with the possibility of indicating which vlan and which internal IPs can be connected to
- dyndns service (if so, which ones are available?)
Which of these features are there in omada routers and which are not? Is there a difference if I'm in controller mode or standalone mode?
Thanks
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Antony23
Thanks for posting in our business forum.
There is no such device to meet all of your requirements. I marked them red and we don't support them.
Antony23 wrote
HI,
in my new home, I would like to use the switch and AP devices of the TPLINK Omada series, in controller mode.
For the router/firewall, I need these features:
- set a default wan interface and a failover one (no balancing nedeed)
- allow some IPs of a vlan to access another vlan (or only some of its IPs)
- allow the dhcp server of a vlan to release only reserved IPs mapped with its own MAC addresses. So no "free IP" range
- possibility of forward dhcp requests to VPN instead of WAN using rules such as client IP
- creation of a client VPN with openvpn, with routing rules to vpn based on hostname name (eg. set rule "goo", and routes via vpn all traffic directed to hostnames containing the word "goo")
- creation of a VPN server with openvpn, with the possibility of indicating which vlan and which internal IPs can be connected to
- dyndns service (if so, which ones are available?)
Which of these features are there in omada routers and which are not? Is there a difference if I'm in controller mode or standalone mode?
Thanks
1. Load balance is enabled to get failover working. Prerequisite.
2. Policy Routing is now only working for L2TP when the router is a VPN client.
3. Hostname does not pass the VPN tunnel.
There is a difference in the two modes. Refer to the FAQ on the official website which lists the differences.
- Copy Link
- Report Inappropriate Content
Hi @Antony23
Thanks for posting in our business forum.
There is no such device to meet all of your requirements. I marked them red and we don't support them.
Antony23 wrote
HI,
in my new home, I would like to use the switch and AP devices of the TPLINK Omada series, in controller mode.
For the router/firewall, I need these features:
- set a default wan interface and a failover one (no balancing nedeed)
- allow some IPs of a vlan to access another vlan (or only some of its IPs)
- allow the dhcp server of a vlan to release only reserved IPs mapped with its own MAC addresses. So no "free IP" range
- possibility of forward dhcp requests to VPN instead of WAN using rules such as client IP
- creation of a client VPN with openvpn, with routing rules to vpn based on hostname name (eg. set rule "goo", and routes via vpn all traffic directed to hostnames containing the word "goo")
- creation of a VPN server with openvpn, with the possibility of indicating which vlan and which internal IPs can be connected to
- dyndns service (if so, which ones are available?)
Which of these features are there in omada routers and which are not? Is there a difference if I'm in controller mode or standalone mode?
Thanks
1. Load balance is enabled to get failover working. Prerequisite.
2. Policy Routing is now only working for L2TP when the router is a VPN client.
3. Hostname does not pass the VPN tunnel.
There is a difference in the two modes. Refer to the FAQ on the official website which lists the differences.
- Copy Link
- Report Inappropriate Content
Thanks for the answer.
Meanwhile I have read user guide.
1. Using "Link Backup" with just ONE primary WAN port and ONE backup WAN port, will the router load balancing anyway between primary and backup ports when both online?
2. I made a typo. I wan mean if it is possible forward DNS request trough vpn tunnel instead WAN using policy rules.
3. Can the router have simultaneously two vpn tunnels, one in client mode and one in server mode? if yes, can these tunnels also use different vpn protocols?
4. About hostname filter i explain it again, using tplink software words. I would to have a possibility to set a policy routing for wireguard or openvpn tunnel (client vpn), and i would this policy routing let me specify as destination ip an hostanme, maybe with wilcard (es. *.tp-link.com). Simply, i need to tunnel only traffic directed to a certain website. Hope i explain it better now.
Thanks.
- Copy Link
- Report Inappropriate Content
Hi @Antony23
Thanks for posting in our business forum.
Antony23 wrote
Thanks for the answer.
Meanwhile I have read user guide.
1. Using "Link Backup" with just ONE primary WAN port and ONE backup WAN port, will the router load balancing anyway between primary and backup ports when both online?
2. I made a typo. I wan mean if it is possible forward DNS request trough vpn tunnel instead WAN using policy rules.
3. Can the router have simultaneously two vpn tunnels, one in client mode and one in server mode? if yes, can these tunnels also use different vpn protocols?
4. About hostname filter i explain it again, using tplink software words. I would to have a possibility to set a policy routing for wireguard or openvpn tunnel (client vpn), and i would this policy routing let me specify as destination ip an hostanme, maybe with wilcard (es. *.tp-link.com). Simply, i need to tunnel only traffic directed to a certain website. Hope i explain it better now.
Thanks.
1. There is no both online mode. Failover, you know. Just one line always works. Or both down if both are literally down.
2. DNS request? Unless this DNS IP is within the destination subnet of the tunnel.
3. Yes and the first question answers the second self-evidently. Yes.
4. No.
- Copy Link
- Report Inappropriate Content
Clive_A wrote
1. There is no both online mode. Failover, you know. Just one line always works. Or both down if both are literally down.
2. DNS request? Unless this DNS IP is within the destination subnet of the tunnel.
3. Yes and the first question answers the second self-evidently. Yes.
4. No.
1. Ok, so my original request is satisfied, I didn't understand why you marked it as red.
2/3/4 Ok.
Thanks a lot
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum. There is no such device to meet all of your requirements. I marked them red and we don't support them. 1016jersey is a website that sells soccer jerseys. We sell new releases from Inter Miami, Paris Saint-Germain, Chelsea, and other clubs. We also have a section on classic jerseys, including those of Lionel Messi, Cristiano Ronaldo, and Zinedine Zidane.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 652
Replies: 5
Voters 0
No one has voted for it yet.