Gateway-ACL bei LAN to LAN keine IP Gruppen

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Gateway-ACL bei LAN to LAN keine IP Gruppen

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Gateway-ACL bei LAN to LAN keine IP Gruppen
Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-23 16:38:29 - last edited 2023-08-25 06:36:55
Tags: #ACL
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version:

Sehr geehrte Damen und Herren,

 

unter den Gateway ACLs kann man unter Lan to Lan keine IP-Gruppen auswählen.

Wann kommt diese funktion?

 

Leider find ich das System dann sehr unbrauchbar und nicht ausgereift, wenn man nicht einmal solche Firewall Regeln anlegen kann.

 

  1      
  1      
#1
Options
8 Reply
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 03:19:33 - last edited 2023-08-24 03:21:18

Hi @Mathias86 

Thanks for posting in our business forum.

What's the controller version and firmware of your ER605?

If not the latest, I recommend you upgrade to the latest official release.

Mine's on V5.12 which is a beta. On the previous V5.9, I think it's there as well.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 05:58:23

Hallo @Clive_A ,

 

ich hab folgende Systeme im Einsatz:

 

  • Windwos Softwarecontroller 5.12.6
  • ER605 v2.0  2.1.4
  • TL-SG2428P v5.0  5.0.5
  • 2x EAP653(EU) v1.0  1.0.4

 

Haben Sie auch die Richtung ausgewählt?

 

Wenn man keine Richtung auswählt, werden IP-Gruppen angezeigt.

 

 

 

Sobald man die Richtung LAN-LAN auswählt, kann man nur noch als Quelle Netz auswählen!

 

 

 

 

  0  
  0  
#3
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 08:05:34

Hi @Mathias86 

Thanks for posting in our business forum.

I see. If that's the case I suggest you use Switch ACL for the IP group. The other group is for the WAN-IN direction.

The switch ACL is more suitable for inter-VLAN or (LAN) IP group setup as the switch is the core of the LAN. Router mainly plays the role of the NAT.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#4
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 08:37:43

Hallo @Clive_A ,

 

leider sind die Switch-ACL nicht Stateful.

 

Der Returweg funktioniert nicht!

  0  
  0  
#5
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 08:42:03
Wenn ich unter Gateway-ACL eine LAN-LAN Regel mit der Bedingung VLAN30 blockieren auf VLAN1, 10 und 20 anlege, wird der Zugriff vom VLAN30 auf VLANs 1,10u.20 verboten und von den anderen VLANs 1,10u.20 komme ich auf das VLAN30. Das passt so (Blockierern in eine Richtung). Aber wenn ich unter Switch-ACL statt der Gateway-ACL diese gleiche Regel anlege, werden leider beide Richtungen gesperrt, gehört das so oder ist da ein Bug? Ich benötige nämlich für gewisse IP-Gruppen Firewall Regeln und das kann ich nur unter Switch-ACL machen, aber leider werden mir da immer beide Richtungen gesperrt!
  0  
  0  
#6
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 08:44:22

Hi @Mathias86 

Mathias86 wrote

Hallo @Clive_A ,

 

leider sind die Switch-ACL nicht Stateful.

 

Der Returweg funktioniert nicht!

Thanks for your valuable feedback and post here. I found out that this feature is considered by the dev team. For the ETA of this feature available on your model is unknown to me.

You can subscribe to the firmware release thread which is pinned on the related page. Or pay attention to our official website where most releases will show up there very soon.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#7
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-24 15:18:55

  @Clive_A 

 

Gibt es schon einen Router am Markt der diese Funktion hat?

  0  
  0  
#8
Options
Re:Gateway-ACL bei LAN to LAN keine IP Gruppen
2023-08-25 01:56:54

Hi @Mathias86 

Thanks for posting in our business forum.

At least not from us. I don't know about others.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#9
Options