1) For further testing I removed the Yonetici_Filter assigned to my privileged VLAN (yonetici) from the DPI assign restriction section. The apps I test (battlenet, steam, dropbox and discord) still does not work correctly.

2) I removed the filters from the blocking filter: Personel_Filter, and all the testing apps (battlenet, steam, dropbox and discord) started working on my PC, but my PC should not be affected by the blocking filter: Personel_Filter.

3) Further, the moment I disable the DPI all the apps start working again.

Is there a way to debug the filters that shows which filter rule blocked the app traffic for a specific user? So I can further trace the issue?

My pc vlan is actually correct, let me resend the screenshots:

First I renamed the VLAN's for you better to understand it:

this is the unrestricted VLAN (old name was yonetici)

and my PC is belongs to this VLAN

in DPI settings Unrestricted_Filter (old name was Yonetici_Filter) is assigned to unrestricted VLAN.

Unrestricted_Filter contains this rule: 

And Allowed_Unrestricted_Class1 enables traffic for apps like Battlenet, Steam, Discord, Dropbox etc (and all available defined apps):

With this configuration I expect Battlenet to work on my PC but it doesn't.

I further think that my PC in vlan unrestricted instead getting Full_Restriction_Filter applied (in first post it's name is Personal_Filter).

I can check this with this steps:

Every VLAN expect unrestricted VLAN is assigned with Full_Restriction_Filter

Full_Restriction_Filter contains all the blocking rules

The battlenet and steam is contained in Blocked_AppStore.

In this state Battlenet and Steam is blocked in my unrestricted vlan member pc (my own pc).

Once I remove the battlenet and steam from Full_Restriction_Filter's Blocked_AppStore rule, battlenet and steam starts to work on this PC.

So in summary: 

My own pc is set to unrestricted VLAN (100) and unrestricted VLAN uses Unrestricted_Filter. But my PCs apps are getting blocked by the Full_Restriction_Filter which should not be applied to my pc.

I suspect this should be related to that I have defined per-category rules:

I've a total of 29 per-category rules:

I think having this number of rules may be effecting my network?

Another test that pins the issue - incorrect rules are applied

I changed default vlan rule to Unrestricted_Filter and battlenet and steam starts working on my pc again.

So from my understanding for my PC that sits in unrestricted vlan (100), the default VLAN (1) DPI rules are applied incorrectly.

and here is my pc's ipconfig that shows it belongs to correct vlan:

Yes in Settings ~ Gateway QoS:

I do not have any class rule definitions in next tab though.

  @Bonesoul 

I am on an ER7206 V2 with the latest firmware.

With this config, I don't reproduce the issue. I can access Steam, EA, and other game platforms.

You wanna narrow this down and make it simple and test.

When I block all Category Gaming, and separately added Steam, it would affect the normal picture loading, which I assume is the problem with other websites being blocked or affected. Not a problem with resolving the web and accessing the Steam website.

I added Discord to other block list. It does not affect the Discord. Everything about Discord works normally. Downloading and open the Discord without any issues.

@Clive_A 

In your case, you permit all traffic in Default network and restrict the games for specific groups.

In my use case (in a factory / business scenario) I need to apply strict restrictions on all networks including Default and only allow a few specific pcs to be unrestricted.

I guess this is the reason your setup and my one differ where mine doesn't work as I expected.

By the way I do also use oc-400 and have enabled logging traffic option.

Can you also show a sample QoS config of yours?

Thanks

Edit:

Upgraded to latest ER8411 firmware 1.3.1 but still the same issue.

According to this screenshot:

My PC which belongs to Vlan 100, getting Full_Restriction_Filter applied from Default Vlan (1).

Instead Unrestricted_Filter should be applied to it as Vlan 100 is assigned to it.

If you guys try a setup like my where:

- Default network uses a strictly restricted filter

- and a pc in a different vlan gets unrestricted filter assigned

You'll see that it's not working as it should.

@Clive_A 

Can you show me your VLAN definitions? So I make sure that I have the correct vlan settings.

I tried to replicate your setup in my home environment - default vlan enables all traffic and vlan with my pc block steam, battlenet and discord.

My pc is in pcs_test vlan

but block_steam_battlenet_discord is not operational and blocking steam, battlenet and discord connections for my pc.

So I suspect my VLAN configurations are not correctly working and I'm missing something there.

my current vlan setup is like this:

and my pc is set to the vlan using profile: