IP-Port Group limit of 16 groups.

Sunday - last edited Thursday
Model: ER7412-M2  
Hardware Version: V1
Firmware Version: 1.1.0

Is there any workaround when hitting the limit of 16 allowed IP-Port Groups?

 

It seems a serious limitation for any product aimed at the business market.

 

If there is not a workaround, are there any plans to increase this limit? Why does it exist at such a low number?

#1
1 Accepted Solution
Re:IP-Port Group limit of 16 groups.-Solution
Thursday - last edited Thursday

  @Sc0th 

Thank you for your post.
There is indeed this configuration limit at present.
How large a range do you need? For example, how many IP addresses and how many IP-port groups?

#2
3 Reply
Re:IP-Port Group limit of 16 groups.
Thursday - last edited Thursday

  @Ethan-TP Hi, thank you for getting back to me.

 

The current envisaged scenario is 4 VLANs (Prod/Dev/QA/UAT). With the current limit spread equally across them, that would equate to 4 cross-border IP-Port Group rules per VLAN. I appreciate there are caveats to this with netmasks, port ranges, etc.; however, at the most basic level, if we want to allow restrictive API/Web/DB access across VLANs without reorganising the entire network, we hit that limit incredibly quickly, so as to make Omada SDN not really practical.

 

Small network, currently consists of gateway, core switch, five access switches & three WAPs.

 

I would hope for a limit of at least 128; however, I appreciate resources are finite! A limit of 64 would be acceptable, 32 would be workable.

 

Where/why is this limit enforced? I assume it's at the controller level?

 

The only solution I see at this time is to ditch the Omada Gateway (ER7412-M2) and replace it with pfSense or similar, which is something we don't really want/should not have to do.

#3
Re:IP-Port Group limit of 16 groups.
Yesterday

  @Sc0th 

You could probably work around the limit by splitting your rules across multiple ACLs instead of trying to fit everything into a single ACL.

#4