Vlans- Deny All ACL on default Vlan1

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Vlans- Deny All ACL on default Vlan1

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Vlans- Deny All ACL on default Vlan1
Vlans- Deny All ACL on default Vlan1
2024-04-18 12:48:43 - last edited 2024-04-18 12:53:03
Model: SG2008P  
Hardware Version: V3
Firmware Version: Original

Good day!

 

I'm setting up some VLANs with a TP-Link router, switch and access point. Setup: Internet --> router --> switch.

I created Vlan2 and Vlan3 with interfaces and acls, but there is also the built-in Vlan1(which I emptied of all ports) with the interface ip 192.168.1.0/24.

Vlan2 and Vlan3 are trunked on port 1 of the switch which is connected to the router to get internet.

 

Question 1: Let's say I add a Deny All ACL rule for Vlan1, would that break anything generally, but also for my vlan 2 &3? (function, protocols, else..)?

 

Question 2: Additionally, note that the router has ip 192.168.1.1 and is plugged into the switch having ip 192.168.1.2 (so on the same subnet).

I just can't understand whether or not that makes the router belong to the default Vlan1? On one hand the router has the ip address belonging to the Vlan1 interface, on the other hand, the router is plugged into a port that is TAGGED on my device Vlans. I'm confused.

 

 

Hope this was clear and concise, have a good one!

  0      
  0      
#1
Options
1 Reply
Re:Vlans- Deny All ACL on default Vlan1
2024-04-19 01:58:14

Hi @Matt677 

Thanks for posting in our business forum.

1. It breaks based on what you configured. If you block all IP, and all protocols, it will break your connection.

2. Don't understand the second question.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options