VLAN, ACL and security

VLAN, ACL and security

VLAN, ACL and security
VLAN, ACL and security
a week ago - last edited a week ago

Hello All,

I'm reading this Omada configuration guide -> Commonly Recommended ACL Configurations on Omada Switches

In Introduction section it is said ->  "Hosts in the same VLAN can communicate directly with each other, while those in different VLANs cannot, thereby enhancing the security of the LAN.".

My understending about VLANs is/was that appling only VLANs is all I need to saparate/block comunication between the VLANs.

The example in the article describes two networks Network A with VLAN ID 10 and Network B with VLAN ID 20.

Then, the next steps discribe how to define these networks with VLANs.

But in step 4 it is said "Create an ACL to deny the mutual access between Network A and Network B" 

Why this ACL is needed? Deny the mutual access between the networks should be provided by defining separate VLANs.

 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:VLAN, ACL and security-Solution
a week ago - last edited a week ago

Hi @Paul_ol 

Thanks for posting in our business forum.

The difference between 802.1Q VLAN and VLAN interface. Of course, you don't have to create anything if you use 802.1Q VLAN and you don't have multi-net segments. That also works.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
1 Reply
Re:VLAN, ACL and security-Solution
a week ago - last edited a week ago

Hi @Paul_ol 

Thanks for posting in our business forum.

The difference between 802.1Q VLAN and VLAN interface. Of course, you don't have to create anything if you use 802.1Q VLAN and you don't have multi-net segments. That also works.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options