Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch
Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch
2023-05-19 21:10:35 - last edited 2023-07-12 01:35:51

Hello Together,

 

i'm asking me where to create the Interfaces for my setup with the Omada Controller?

 

On the Gateway TL-R605 or on the L3 Switch TL-SG3428?

Because the TL-SG3428 has also a DHCP Server but what is the best way?

 

Also the ACL rule setting there even 3 possible options gateway/switch/eap

 

Should i create needed acl rules + interfaces (DHCP-Server) on the switch

and let the gateway do the job for URL Filtering, Firewall, NAT, Routing,.. ??

 

Or what is the best way with this devices?

 

Thank you

 

 

At the moment my Gateway is a Fritzbox an i have a static routing on FB side and

all the interfaces are configured on the Switch and also the ACL rules.

 

Setup FRITZBox (Gateway) and TP-Link Omada Devices OC200, EAP610, TL-SG2428P JetStream

 

 

  0      
  0      
#1
Options
2 Reply
Re:Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch
2023-05-23 01:43:03 - last edited 2023-07-12 01:35:51

  @nurix 

 

Hey

 

On the Gateway TL-R605 or on the L3 Switch TL-SG3428?

Because the TL-SG3428 has also a DHCP Server but what is the best way?

 

While its really up to you, generally most people have set the ER605 as the DHCP server, the router tends to be the endpoint of the interface.

 

Also the ACL rule setting there even 3 possible options gateway/switch/eap

 

Should i create needed acl rules + interfaces (DHCP-Server) on the switch

and let the gateway do the job for URL Filtering, Firewall, NAT, Routing,.. ??

 

That is exactly how I would recommend you do this, have the switch handle the main ACLs and let the gateway do teh URL, Firewall etc...    Gateway and EAP ACLs are a tad more limited in functionality and only really useful in specific scenarios.  The switch ACLs are your main options.

 

 

  1  
  1  
#2
Options
Re:Where to create the interfaces and ACL rules? On ER605 or TL-SG3428 L3 Switch
2023-06-30 19:06:58 - last edited 2023-07-12 01:35:51

  @Philbert 

 

thank you for reply.

 

One more question, at the moment my network is like this Layer 3 IP Topology . 
Can I setup the topology also with the omada controller?

What I am interested in is, the vlan 99 between switch and gateway and the different ip of the gateway, do I have to do also routing the ip's on the gateway fore the different interfaces ?

Or is the setup with omada controller already like this out of the box?


thank you

 

 

 

  0  
  0  
#3
Options