After upgrading to latest Firmware I get an error about ACL rules?
Hello,
we have now finally set up our new network design:
- OC300 Controller
- ER7206 Router
- 3x TL-SG3428
- 1x TP-Link TL-SX3016F
We have created 19 networks in total, each with its own VLAN. Some weeks ago we tested the separation of the networks with different clients and switch ACL rules, and everything worked fine for us. Two days ago, we upgraded all devices to the latest OC300, ER7206 and switch firmware. Today we wanted to repeat the test and implement the final networks and ACL rules for the go-live on Friday, but now we cannot implement the ACL rules as we get an error message which we had definitely not received before -> Error message: The number of ACL rules has reached the upper limit.
At this time we have created 4 ACL rules
- Main network: LAN block for VLANs and Bidirectional
- VLAN: VLAN1 block for all other VLANs and Bidirectional
- now we would like to create the others (VLAN2, VLAN3 etc.), but this is not possible anymore
Is there a change in the limitation? In the last test we had several ACL rules without any issue. Without this setup we cannot roll out our new network, which feels like a disaster right now.
Can you please help with this issue?
Many thanks in advance!
Dear @Cij ,
Thank you so much for taking the time to post the issue on TP-Link community!
To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue.
The ticket ID is TKID221137397, please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, you are welcome to update this thread with your solution to help others who may encounter the same issue.
Many thanks for your great cooperation and patience!
Is there an answer to this issue that is shareable publicly? I have the same message (Omada Controller on my desktop, version 5.7.4, TL-SG2008P v 3.0 8 port switch). I have ten ACL rules created on the switch, one ACL rule turned on, and I get the message "The number of ACL rules has reached the limit" when I go to turn on a second rule.
Same issue here.
We supposedly can create up to 32 layer 3 networks (VLANs), but because the TP-Link standard configuration is 'open', we need ACLs and/or IP groups to secure the traffic between VLANs.
How can we manage this when the limit is 10?!
Is it only me, or is this really poor network design from TP-Link?
We have 30 VLANs and are facing really serious security issues.
TP-Link, please provide us with a TD or something with a workable solution to secure the network.
Regards,
Same here, having the same issue - used to have at least 8 rules enabled. Unfortunately, I had to disable some to reorganize my rules but... after trying to reenable them, only 4 were allowed.
Hi guys, sorry for my late reply. The problem still exists, and TP-Link mentioned that the function is always the same, without any change with the update. I cannot confirm this, as I have already tested successfully with more rules.
Currently I use the gateway ACL setting, which is not perfect from my point of view, but the traffic between the clients can be blocked with this setting. But I get a new issue: with gateway ACL rules it is possible to access the router GUI and also ping the other VLAN gateways, but not the clients themselves. I have already reported this to TP-Link. A second setting exists where you have the possibility to block the gateway access from VLANs, but then you need to manually update the DNS server to a public DNS resolver, as the default gateway / DNS server is blocked with this setting. We have our own public DNS server which we can use, but you need to adjust every client manually, which from a handling point of view is a horror.
I also hope that TP-Link changes their mind, accepts this as an issue and tries to resolve it, as from my point of view this worked with the old version. One interesting point: I have noticed that after some time I can activate the switch ACL rules again. I cannot understand why this is possible, but you can also try to check this after the setup has been running for some time without a change to the config etc.
I can confirm that ACLs don't work so well anymore. When added to the SG2008P, only one rule is allowed; I had to put all rules on an SG2428P, then I could make some more rules. So there is a possible bug or another limitation with the new controller or switch firmware.
I have the same problem with the SG2210P and Omada Controller v5.7.6. I can create multiple switch ACLs and they work, but after I toggle one to off I can't reactivate them. As a workaround I can recreate them, as they are on by default.
Anyway, I can't reproduce the issue directly. If I delete all of my ACLs and recreate them, I can toggle them on and off, but at some point this is not possible anymore and I receive the "The number of ACL rules has reached the limit." error. This can happen when I create 6 ACLs but could also happen when I only create 4 ACLs...
Hi,
same here on my side. (ER8411 and OC200)
I have 24 ACL rules working fine. Then I wanted to add another IP address to an IP Group under Profiles --> Groups, and when I click Apply I get the error message: You reached the limit of ACL rules......
Sorry guys, but this is another point of the lonnnnnggggg issue list.
And these are not extraordinary things.
Waiting for a firmware update that fixes all these things.
Kind regards
Thorsten