Inter-VLAN ACLs
I currently replaced a firewall/router in an existing installation with an ER605.
I am struggling to understand how ACLs work using the controller with multiple LAN segments.
There are 3 options: Gateway ACLs, Switch ACLs and EAP ACLs.
I am currently not using any Omada switches in this installation. Gateway ACLs only control access to and from the WAN. How do I manage traffic between the LAN segments on the ER605 itself?
Thanks in advance for any advice/assistance.
There is currently no way for the controller to issue profiles on router ports, but your requirement requires switch ACLs to restrict traffic within the LAN, so if you want to use the controller you need to have a switch in your network and then issue profiles on the switch ports to implement ACLs.
Otherwise you will have to use the ER605 in standalone mode; the specific FAQ is as follows.
@Virgo thanks for responding!
Hmm... so just so I understand for future deployments, if I was to deploy an Omada gateway, switches and EAPs, would I have to duplicate all my ACLs across both EAPs and the switches? Or do the EAPs not do any L3 or inter-VLAN routing, so the ACLs on the switch ports would be sufficient?
It also depends on the situation. The most classic topologies have a very detailed FAQ which you can read briefly:
@Virgo So according to that article it would not be needed to apply ACLs to the EAPs.
While this is good, it somewhat raises the question about what EAP ACLs are actually used for. Restricting traffic between wireless devices on the same subnet?