Business Community > Routers > Block access to one computer on my network-ER605
< Routers

Block access to one computer on my network-ER605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Block access to one computer on my network-ER605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Block access to one computer on my network-ER605
Block access to one computer on my network-ER605
2024-01-07 17:48:42 - last edited 2024-01-12 07:10:58
Tags: #Gateway ACL
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.2 Build 20231017 Rel.68869

I have a ER605 and use the web interface. I setup with 2 vlans, one for IOT and one for my computers. On my computer lan I have one old machine that runs some old software with a static ip. The OS is not supported any more so I would like to block access to the internet but still be able to share files. I set up a IP group with the ip address of the computer and in the access control tab I set it to block. But that does not work. What am I doing wrong?

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Block access to one computer on my network-ER605-Solution
2024-01-09 01:25:38 - last edited 2024-01-12 07:10:58

Hi @cmartorelli 

Thanks for posting in our business forum.

cmartorelli wrote

  @cmartorelli I have the target computer setup as a ip group. In the access control setting the pllicy is set to block, sevice type is all, direction is all, source is ipgroup_any, desttination is target computer ( selected from the ip group that was set in the begining.

If your goal is to block Internet access but still maintain LAN access, you should think about what's important in Internet conversation. It is the gateway access. You should block this computer from accessing the gateway(LAN) IP address instead of doing something like the quote.

 

What you configured in the quote, did you take time to think about how should it work? It does not match what you expect at all. I think you did not try to think about the ACL. ACL config would take a lot of effort to scheme.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting Manual ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. Don't be a lazy asker. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#4
Options
3 Reply
Re:Block access to one computer on my network-ER605
2024-01-08 01:56:57

Hi @cmartorelli 

Thanks for posting in our business forum.

What about your config? How do you set the ACL?

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting Manual ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. Don't be a lazy asker. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options
Re:Block access to one computer on my network-ER605
2024-01-08 13:02:56

  @cmartorelli I have the target computer setup as a ip group. In the access control setting the pllicy is set to block, sevice type is all, direction is all, source is ipgroup_any, desttination is target computer ( selected from the ip group that was set in the begining.

  0  
  0  
#3
Options
Re:Block access to one computer on my network-ER605-Solution
2024-01-09 01:25:38 - last edited 2024-01-12 07:10:58

Hi @cmartorelli 

Thanks for posting in our business forum.

cmartorelli wrote

  @cmartorelli I have the target computer setup as a ip group. In the access control setting the pllicy is set to block, sevice type is all, direction is all, source is ipgroup_any, desttination is target computer ( selected from the ip group that was set in the begining.

If your goal is to block Internet access but still maintain LAN access, you should think about what's important in Internet conversation. It is the gateway access. You should block this computer from accessing the gateway(LAN) IP address instead of doing something like the quote.

 

What you configured in the quote, did you take time to think about how should it work? It does not match what you expect at all. I think you did not try to think about the ACL. ACL config would take a lot of effort to scheme.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting Manual ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. Don't be a lazy asker. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#4
Options

Information

Helpful: 0

Views: 490

Replies: 3

Tags

Gateway ACL
Related Articles
Gateway ER605, block access to login page
1586 0
ER605 Access Control Question (Block WAN to specific VLAN but allow other LAN)
400 0
ER605/How to block a device from internet access?
10523 0
Block TL-E605 built in DNS for one VLAN only
401 0
Vlan can access the browser management page despite ACL rules should block it
126 0
TP-LINK ER605 Access Control does not work (NOOP)
2268 4
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.