Business Community > Switches > VLAN, ACL and security
< Switches

VLAN, ACL and security

VLAN, ACL and security

VLAN, ACL and security
VLAN, ACL and security
Monday - last edited Yesterday
Tags: #VLAN & Multi-Networks #ACL

Hello All,

I'm reading this Omada configuration guide -> Commonly Recommended ACL Configurations on Omada Switches

In Introduction section it is said ->  "Hosts in the same VLAN can communicate directly with each other, while those in different VLANs cannot, thereby enhancing the security of the LAN.".

My understending about VLANs is/was that appling only VLANs is all I need to saparate/block comunication between the VLANs.

The example in the article describes two networks Network A with VLAN ID 10 and Network B with VLAN ID 20.

Then, the next steps discribe how to define these networks with VLANs.

But in step 4 it is said "Create an ACL to deny the mutual access between Network A and Network B" 

Why this ACL is needed? Deny the mutual access between the networks should be provided by defining separate VLANs.

 

 

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:VLAN, ACL and security-Solution
Yesterday - last edited Yesterday

Hi @Paul_ol 

Thanks for posting in our business forum.

The difference between 802.1Q VLAN and VLAN interface. Of course, you don't have to create anything if you use 802.1Q VLAN and you don't have multi-net segments. That also works.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
1 Reply
Re:VLAN, ACL and security-Solution
Yesterday - last edited Yesterday

Hi @Paul_ol 

Thanks for posting in our business forum.

The difference between 802.1Q VLAN and VLAN interface. Of course, you don't have to create anything if you use 802.1Q VLAN and you don't have multi-net segments. That also works.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options

Information

Helpful: 0

Views: 60

Replies: 1

Tags

VLAN & Multi-Networks ACL
Related Articles
ACL between VLAN and Routed Port
1866 0
Vlan Setup- Switch Fails to Assign IPs after ACL Binding
605 1
ACL between VLAN and Routed Port on TL-SG3428XMP 2.0
826 0
 ACL - Allowing one port access a blocked VLAN
348 0
 ACL exception rules doesn't work + creating administrator VLAN
669 0
TL-SG3428 V2 ACL don’t work with official FW
852 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.