[SOLVED] IoT ACL rules

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2024-03-14 13:31:53 - last edited 2024-03-15 13:26:13
Model: OC200  
Hardware Version:
Firmware Version: 2.13.2 Build 20240110 Rel.78759

Hello

I am not sure if this is the right section to ask but here it goes.

Some context...

I have 4 different VLANs and one of them is IoT.
It has not been in use but recently I added smartplug (TAPO P115) to measure electricity usage.
I've installed Tapo app on the iPhone and added account and connected smartplug to IoT wifi.
Next step was to add this device to Home assistant.

Home assistant is installed on docker which runs on vm machine (ubuntu) and it's located on VLAN called secure.

I tried to add smartplug to HA but it can not see/find smartplug (using IP to connect).

So I began to troubleshoot the issue and it seems I can not ping or run curl to smartplug IP address.
Must be ACL rules, right?

Finally the question
No matter what I do with switch ACL I can not ping/curl devices on IoT VLAN.
I added rules based on IP groups to permit ALL (tcp, udp, etc) traffic from Secure to IoT VLAN (one way).

Please advise

1x ER-7206 1x C200 2x EAP245 1x SG2008P

2 Reply
Re:IoT ACL rules
2024-03-15 08:21:14

@ProSumerTester

Since you have our Omada router, you can set up a VLAN interface for the network. By default, VLAN interfaces can communicate with each other.

Here is the configuration guide, you can take it as a reference: https://www.tp-link.com/support/faq/3091/

For security concerns, you can add an ACL rule to block some connections.

You can also refer to this link to learn how to set up a VLAN interface on the Omada router: https://community.tp-link.com/en/business/forum/topic/656144

Best Regards!

Re:IoT ACL rules-Solution
2024-03-15 10:38:56 - last edited 2024-03-15 13:26:32

@Hank21

Thank you for the links but all that was added way back and it has been working great for home/secure VLANs, although I never tested it with IoT network.

Today I tested something else and it seems that HA machine on IoT for some reason needed access to my laptop on Home network in order to complete onboarding process.

Weird but now it works.

1x ER-7206 1x C200 2x EAP245 1x SG2008P
Recommended Solution