ACL Rules not working properly

ACL Rules not working properly

ACL Rules not working properly
ACL Rules not working properly
2024-10-07 00:30:19 - last edited 2024-10-16 02:38:22
Model: OC300  
Hardware Version:
Firmware Version: 5.14.26.23

Hi,

 

I have several VLans and when I created the ACL Rule of permit all connections between two of those VLANs is when the problem begins.  They can see each other and I cant access the computer fom one VLAN to the other one.  I tried ACL Rule Mac Group with just two computers and is not working either.  Is there a problem with the omada controller ?

 

I have

 

ER605

TL-SG3428MP Switch

Omada Controller

 

 

I have several LAN but the ones that I want to communicate between them are my main LAN to another one that I named Server

 

 

 

 

 

My main one is Tattoine and I want one computer from that lan to have bidirectional communication with Server Lan, but since I couldn't doit I decided to use the Mac Group.  But is not communicating each other.

 

Can somebody help me with this issue?

  0      
  0      
#1
Options
1 Accepted Solution
Re:ACL Rules not working properly-Solution
2024-10-08 06:07:36 - last edited 2024-10-16 02:38:22

Hi  @AngelaGarza 

 

You may refer to the following to create an IP group:

Recommended Solution
  0  
  0  
#4
Options
7 Reply
Re:ACL Rules not working properly
2024-10-07 07:58:46

  @AngelaGarza 

 

Switch ACLs are not bi directional - so you either have to make 2 rules allowing traffic in both directions, or make an IP group with the source and destination IPs and allow it to itself, eg...

 

IP Group "Test"

PC1 192.168.1.100 /32

Network Allowed 192.168.10.0 /24

 

ACL Rule - Permit - All - IP Group "Test" to IP group "Test"

 

Also, the ACL rules work top - down, so put Allow rules above Deny Rules in the list

  0  
  0  
#2
Options
Re:ACL Rules not working properly
2024-10-07 14:47:59

  @GRL 

 

Hi,

 

I tried that too, two rules. But nothing happened.  I even tried the mac group and nothing.  Let me try the IP Group, but let me first learn how to do that.

 

  0  
  0  
#3
Options
Re:ACL Rules not working properly-Solution
2024-10-08 06:07:36 - last edited 2024-10-16 02:38:22

Hi  @AngelaGarza 

 

You may refer to the following to create an IP group:

Recommended Solution
  0  
  0  
#4
Options
Re:ACL Rules not working properly
2024-10-10 17:19:35

  @AngelaGarza ,

 

Using Omada, everything is allowed by default so it looks to me like rule 1, 3 and 4 are useless.

The only thing that's blocked are packets flowing from IOT to 3 VLANs.

 

You wouldn't happen to have gateway rules too?

Because if you're blocking default -> server at the gateway, there's nothing you can do at the switch layer to override that.

  0  
  0  
#5
Options
Re:ACL Rules not working properly
2024-10-13 21:36:42

  @EricPerl 

No, no gatewary rules, just in the switch.

  0  
  0  
#6
Options
Re:ACL Rules not working properly
2024-10-14 20:07:30

  @AngelaGarza ,

 

Hmm, I'm not sure what's getting in the way.

> I have several VLans and when I created the ACL Rule of permit all connections between two of those VLANs is when the problem begins.  They can see each other and I cant access the computer fom one VLAN to the other one.

 

How exactly did you establish "can see" and "can't access"?

Again, I believe only rule 2 in your original post is effective and it does not affect any packets going between default and server...

And if you have some connectivity (see), there's no reason the ACL is getting of access.

  0  
  0  
#7
Options
Re:ACL Rules not working properly
2024-10-24 18:27:34
Still working on fixing this. It was working fine but not now. I do not know what happened :(
  0  
  0  
#8
Options