SD-WAN,ACL,WAN IN
a week ago - last edited a week ago
Model: ER707-M2  
Hardware Version: V1
Firmware Version:

Two locations are connected via SD-WAN. Communication between these sites works fine, as does traffic between different network groups — everything is functioning properly.

However, I’d like to restrict access so that only one specific IP address from site A can communicate with one specific IP address at site B. The communication should be allowed only over TCP and UDP on port 443.

Unfortunately, after configuring the ACL, I wasn’t able to achieve the desired result — it doesn’t seem to work as expected. Has anyone managed to set this up successfully or knows how to configure it correctly?

 

#1
1 Accepted Solution
Re:SD-WAN,ACL,WAN IN -Solution
a week ago - last edited a week ago

  @Pablo_PL 

 

On the deny rule, use IP Group instead of IP Port Group on source and destination. On the other two, use IP Group on source and IP Port Group on destination.

And the first rule is not needed, so you can delete it.

I have something similar that I use in my SD-WAN. As you can see, I have blocked everything with IP Groups, then I have opened up from some remote sites with source IP Group and destination IP Port Group.

 

 

 

 

 

Recommended Solution
#2
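
The rule layout described in the answer above, modelled in Python as an added example (not part of the original thread and not Omada code). The addresses, the first-match evaluation order and the permit-by-default fallthrough are assumptions; the second rule list shows why a deny rule scoped with an IP-Port Group leaves other ports open.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addressing for illustration, not taken from the thread.
SITE_A = ip_network("192.168.10.0/24")
SITE_B = ip_network("192.168.20.0/24")
HOST_A = ip_network("192.168.10.50/32")
HOST_B = ip_network("192.168.20.60/32")

@dataclass(frozen=True)
class Rule:
    action: str                       # "permit" or "deny"
    src: object                       # source IP Group (a network)
    dst: object                       # destination network
    protos: frozenset = frozenset()   # empty = any protocol
    ports: frozenset = frozenset()    # empty = any port (plain IP Group)

    def matches(self, src, dst, proto, port):
        return (ip_address(src) in self.src and ip_address(dst) in self.dst
                and (not self.protos or proto in self.protos)
                and (not self.ports or port in self.ports))

# Destination IP-Port Group: TCP and UDP on port 443 only.
WEB = dict(protos=frozenset({"tcp", "udp"}), ports=frozenset({443}))

# Layout from the answer: permit = IP Group -> IP-Port Group,
# deny = IP Group -> IP Group (no port restriction).
RECOMMENDED = [
    Rule("permit", HOST_A, HOST_B, **WEB),
    Rule("deny", SITE_A, SITE_B),
]

# Contrast case: the deny is also port-scoped, so it only covers port 443.
PORT_SCOPED_DENY = [
    Rule("permit", HOST_A, HOST_B, **WEB),
    Rule("deny", SITE_A, SITE_B, **WEB),
]

def evaluate(rules, src, dst, proto, port, default="permit"):
    """First matching rule wins; unmatched traffic gets the default (assumed)."""
    for rule in rules:
        if rule.matches(src, dst, proto, port):
            return rule.action
    return default
```
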