ACL between VLAN and Routed Port on TL-SG3428XMP 2.0

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2022-08-10 11:06:57 - last edited 2022-08-30 07:59:25
Model: TL-SG3428XMP  
Hardware Version: V2
Firmware Version: 2.0.0 Build 20220301 Rel.54959

Hello,

Following this post, I have the same problem with a TL-SG3428XMP.

Unfortunately I can't find any suitable firmware (also BETA) that offers me a solution.
Does anyone know?
Thanks

 

Update: ACLs with single or multiple IPs don't work, but ACLs with a single MAC work.

 

Thorsten

 

 

1 Accepted Solution
Re:ACL between VLAN and Routed Port on TL-SG3428XMP 2.0-Solution
2022-08-30 07:59:20 - last edited 2022-08-30 07:59:25

Hi there,

 

The new firmware TL-SG3428XMP(UN)_V2_2.0.1 Build 20220707 released recently has fixed the ACL related issue.

 

If you find that Combined ACL failed to block traffic between Layer 3 networks, please check for a firmware update first.

 

Thank you for your attention!

3 Replies
Re:ACL between VLAN and Routed Port on TL-SG3428XMP 2.0
2022-08-10 13:15:57

  @T_Reinert 

 

I’m not sure whether it is going to work for your switch and your requirements, but you may like to try taking another approach to VLAN bound ACLs with the ingress option. Instead of having the last rule ‘permit any any’, selectively permit what needs to go through and end with a ‘deny any any’ rule. That requires more work and knowledge of the traffic, but it works for me. Note also that for this kind of an ACL rule, i.e. VLAN bound and ingress, the source should be always in the subnet of the VLAN the rule is going to be bound to.

Kris K
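An offline model of the allow-list approach described in the reply above, added here as an example and not taken from the thread, the switch firmware or its CLI. It lints a VLAN-bound ingress rule list for the two properties the reply names (a final 'deny any any', and permit sources inside the bound VLAN's subnet) and evaluates rules first-match; all addresses and the names `lint` and `decide` are assumptions.

```python
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")

# Constructed addressing (not from the thread): the ACL is bound to a VLAN
# whose subnet is 192.168.20.0/24.
VLAN_SUBNET = ip_network("192.168.20.0/24")

# Rules are (action, source, destination), evaluated top-down, first match wins.
ALLOW_LIST = [
    ("permit", "192.168.20.0/24", "192.168.10.53/32"),  # clients -> DNS server
    ("permit", "192.168.20.0/24", "192.168.10.80/32"),  # clients -> intranet web
    ("deny", "0.0.0.0/0", "0.0.0.0/0"),                 # final 'deny any any'
]

# The pattern the reply suggests moving away from: block one network,
# then let everything else through.
PERMIT_ANY_LAST = [
    ("deny", "192.168.20.0/24", "192.168.30.0/24"),
    ("permit", "0.0.0.0/0", "0.0.0.0/0"),
]


def parse(rules):
    return [(a, ip_network(s), ip_network(d)) for a, s, d in rules]


def lint(rules, vlan_subnet):
    """Return the problems found in a VLAN-bound ingress rule list."""
    problems = []
    parsed = parse(rules)
    if not parsed or parsed[-1] != ("deny", ANY, ANY):
        problems.append("last rule is not 'deny any any'")
    for n, (action, src, _dst) in enumerate(parsed, start=1):
        # Ingress traffic on the VLAN can only originate from its own subnet.
        if action == "permit" and not src.subnet_of(vlan_subnet):
            problems.append(f"rule {n}: source {src} is outside {vlan_subnet}")
    return problems


def decide(rules, src, dst):
    """First-match evaluation of one src/dst pair against the rule list."""
    for action, s, d in parse(rules):
        if ip_address(src) in s and ip_address(dst) in d:
            return action
    return "no-match"
```

This only checks the rule logic; whether the switch enforces the rules between Layer 3 networks still has to be verified on the device itself.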
Re:ACL between VLAN and Routed Port on TL-SG3428XMP 2.0
2022-08-11 01:40:43

Dear @T_Reinert,

 

T_Reinert wrote

Following this post, I have the same problem with a TL-SG3428XMP.

Unfortunately I can't find any suitable firmware (also BETA) that offers me a solution.

 

Thank you so much for taking the time to report the issue to our community!

 

To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID220812456, please check your email box and ensure the support email is well received. Thanks!
