Problems with ACLs
Dear all,
I have been trying to set ACLs for a few days. At the beginning I succeeded well, but now I don't anymore.
I want VLAN2 not to be able to access the GUI of the router. For this I only need two ACLs that block HTTP and HTTPS.
VLAN config:
Default: 192.168.0.0
VLAN2: 192.168.2.0
Router:
Default: 192.168.0.1
VLAN2: 192.168.2.1
IP Groups:
VLAN2_Router: 192.168.2.1 - 192.168.2.1
VLAN2_Network: 192.168.2.0/24
Services Type:
HTTPS: Source Port = 0-65535; Destination Port = 433-433
HTTP: Source Port = 0-65535; Destination Port = 80-80
ACLs:
Name: VLAN2_HTTPS
Policy: Block
Service Type: HTTPS
Direction: ALL
Source: VLAN2_Network
Destination: VLAN2_Router
Effective Time: Any
States: New, Established, Invalid, Related

Name: VLAN2_HTTP
Policy: Block
Service Type: HTTP
Direction: ALL
Source: VLAN2_Network
Destination: VLAN2_Router
Effective Time: Any
States: New, Established, Invalid, Related
It should also be mentioned that I already have a rule that prevents Default and VLAN2 from communicating in any way. This also works with the individual devices. Unfortunately, I can still access 192.168.2.1 from the default network, although I cannot otherwise communicate between the networks. The same applies the other way round: I can access the GUI from VLAN2 via 192.168.0.1 but cannot reach any other devices on the other network. This looks like a bug to me. I couldn't find a solution on the internet and some have faced the problem. I hope someone can help me.
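
Added example, not part of the original post: a small Python model of the two ACL entries exactly as posted, listing which router GUI address and port combinations neither entry matches. It assumes the GUI listens on TCP 80 and 443, uses a constructed client address 192.168.2.50, and does not model the router's own rule evaluation or state tracking.

```python
import ipaddress

# The two ACL entries with the values copied from the post.
# Assumption: an entry matches when source, destination and destination
# port all match; the router's real evaluation logic is not modelled.
RULES = [
    {"name": "VLAN2_HTTPS", "src": "192.168.2.0/24",
     "dst": ("192.168.2.1", "192.168.2.1"), "dport": (433, 433)},
    {"name": "VLAN2_HTTP", "src": "192.168.2.0/24",
     "dst": ("192.168.2.1", "192.168.2.1"), "dport": (80, 80)},
]


def matching_rule(src, dst, dport, rules=RULES):
    """Return the name of the first Block entry the packet matches, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        lo, hi = (ipaddress.ip_address(a) for a in r["dst"])
        if (s in ipaddress.ip_network(r["src"])
                and lo <= d <= hi
                and r["dport"][0] <= dport <= r["dport"][1]):
            return r["name"]
    return None


def audit(client, router_ips, gui_ports=(80, 443), rules=RULES):
    """List (router_ip, port) pairs for the GUI that no Block entry covers.

    gui_ports defaults to the standard HTTP/HTTPS ports (an assumption
    about where the router GUI listens).
    """
    return [(ip, p) for ip in router_ips for p in gui_ports
            if matching_rule(client, ip, p, rules) is None]


if __name__ == "__main__":
    # 192.168.2.50 is a constructed VLAN2 client address.
    client = "192.168.2.50"
    for ip, port in audit(client, ["192.168.2.1", "192.168.0.1"]):
        print(f"not blocked: {client} -> {ip}:{port}")
```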