VLAN Setup - Switch Fails to Assign IPs after ACL Binding
Good day!
I'm reaching out as I have been trying to set up VLANs for better security and to keep IoT devices isolated from the main network.
I have a TL-SG2008P version 3 switch and a VR2100v Archer router. I set up my VLANs and everything using the following TP-Link guide.
https://www.tp-link.com/us/support/faq/3656/
Please note that I am a beginner, but have learnt a ton going through other threads here. I really appreciate the help and will be glad to clarify anything in my explanation below.
Everything went smoothly: for example, when I connect my switch to my gateway/router, I can plug my laptop into port 3 on the switch (which in my case is unique to VLAN 20), and my laptop nicely gets an IP address in the 192.168.2.1 range. And I can access the internet as well.
So I'm ruling out that my router can't do VLANs, which was a worry initially since it doesn't have the Multi-Nets NAT feature, but anyway let's move on...
The PROBLEM arises when I set up the ACLs on the switch to prevent VLAN 30 from talking to VLAN 20 and vice versa. So I create the ACLs, knowing that I have to bind them before they take effect. Immediately after binding each VLAN-specific set of rules to its corresponding port in the switch GUI, the switch fails to give IP addresses. At the same time, it still gives an IP address if I plug my device into another port on the switch where no ACLs are bound to that port. I don't understand what the problem is; it's frustrating.
As a demonstration, to reverse the problem, I unbind one group of VLAN-specific ACL rules from its corresponding port, et voilà! I plug my laptop into that port on the switch and I get an IP again!
I hope this is a clear explanation, thanks a million!