ER706W Gateway ACL, LAN->LAN, IP-Port
ER706W Gateway ACL, LAN->LAN, IP-Port
Its embarrassingly ridiculous that a business line of gateway still does not support yet such a basic essential feature as been requested multiple times as per this thread:https://community.tp-link.com/en/smart-home/forum/topic/651912
Can you guys be honest by actually telling the community if this is going to be implemented or not ? I am pretty sure there are many users that are hoping to know your plans as well before they decide to move on from omada or not.
I think your customers deserve transparency about the company's plan about such a basic ACL feature.
Me personally I built my network with omada platform completely regretting every moment I spend configuring ACLs to try to come up with ways to get around only having the gateway being the only thing capable of statful ACLs on the whole platform that can't do lan to lan ip/ip-port ALCs. Where the switches can do lan to lan ip/port ACLs but are stateless. What a major joke..
You guys pretty aware that this is far from ideal and would not be called "business" grade. What a let down.
I hope you excuse my tone but I have never felt deceived that much from a well reputable company.
thanks.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
If you arent using the switch interfaces as the gateway for the vlans, then you are not switch routing.
Yes, you are correct taht switches need an interface to DHCP relay for any given vlan, but if that interface IP isnt set as the clients gateway (and the router IP for that vlan is) then the swith wont get involved with any routing at all - it will still all be done directly on the gateway, and then the hybrid gateway+switch rules will still work
Switches will only route if the SVI is the actual gateway for any given vlan.
- Copy Link
- Report Inappropriate Content
Ok so yes basically, if i have a vlan interface with x.x.x.2 enabled then then I am switch routing if i am using x.x.x.2 as gateway on the client. Am I understanding you correctly ?
- Copy Link
- Report Inappropriate Content
yes! if the switch IP per vlan is NOT the clients gateway (as set by dhcp or static) then the router will be the first hop for that clients traffic (ie, its gateway) and then the router takes precedence, the switch simply exists as a device on that vlan as far as anything else is concerned.
DHCP relay will still take effect though as that works independandy of gateway or routing functions on the switch.
- Copy Link
- Report Inappropriate Content
Yeah that sounds good, but unfortunately it comes at a cost of bandwidth as you know which I am not too worried about for now. the other thing I would like to pick your brain with, I have been trying to see if i can make a bi-directional group like your example, but instead of being an IP group, how can you incorporate an ip-port group for same result of one way ACL while preserving return ?
- Copy Link
- Report Inappropriate Content
Pink_Waters wrote
If the dev team is aware of the request, why the feature request was closed ? and why there are no updates about this?
A thread can be closed by the mod, poster, or after 6 months of no activity. I did not close it.
The forum team does not provide information in reply about the development progress or details.
Neither do we provide the estimated time for this feature, nor details and explanations for the roadmap.
As this is an ongoing request and was previously replied to, your request is already known to the dev team.
Please refer to the final firmware release notes for this feature.
Thanks for your understanding.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 652
Replies: 15
Voters 1
