Router & Switch configuration

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Router & Switch configuration

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Router & Switch configuration
Router & Switch configuration
2019-12-20 14:27:57
Model: TL-ER6120  
Hardware Version:
Firmware Version:

Hi
 

Hope sombody can help me, I use an TL-ER6120 and behind two switches T1600G-28PS which i configured like in the link mentioned Link to Tp-Link website, now my question is how to configure the switch that the "marketing department" can access the internet but cannot communicate to the other departments?

 

Network structure

Internet Router => WAN TL-ER6120  LAN => T1600G => Tagged Port with all Vlans from the first switch to the second no additional configuration on the second T1600G

everything works but the "three departments" can communicate but i do not want it for one dep.

 

Thanks for support!

  0      
  0      
#1
Options
1 Reply
Re:Router & Switch configuration
2019-12-23 03:35:42

@Bleami 

 

Hi

 

If you follow that TP-Link FAQ, it's normal that three departments can communicate with each other. Because it has L3 interface for each VLAN, so they can communicate with each other through layer 3 network(routing table).

 

You can configure ACL to block them. Suppose that department A is 10.10.10.0/24. Department B is 10.10.10.10/24. 

ACL 1: source is 10.10.10.0/24, destination is 10.10.10.10/24, policy is 'deny'.

ACL 2: source is 10.10.10.10/24, destination is 10.10.10.0/24, policy is 'deny'.

ACL3: source is 0.0.0.0/0, destination is 0.0.0.0./0, policy is 'allow'. This means allow all packets. T1600G V3 semmly uses white list for ACL, so need to add an 'allow all' entry in the end for making your department be able to access internet.

 

And you need to bind ACL entry for the VLAN of department.

 

TP-Link ACL CG. https://www.tp-link.com/us/configuration-guides/configuring_acl/?configurationId=18222#_idTextAnchor001

 

 

  0  
  0  
#2
Options