09-26-2020 01:20 PM - edited 09-26-2020 01:21 PM
I purchased this switch for two reasons: first, to move all Layer 3 routing off of my RV340 and onto the switch, and second, to use the opportunity to set up several VLANs as the network grows.
So here is what I am trying to do. I have 5 VLANs: 1-Management (192.168.1.125-185), 10-Server (192.168.10.125-185), 20-Office (192.168.20.75-95), 50-IofT (192.168.50.10-225), 66-Guest (192.168.66.125-175). Router is on 192.168.1.1. Main Switch is 192.168.1.254. I want to create ACLs and bind them to VLANs (ideally) to get the following:
Every time I create an ACE and bind to VLAN66 I lose internet access. I am not using CLI - I am trying to use the GUI as I am a bit out of my depth here. Basically I have tried to set up a permit rule which allows VLAN 66 192.168.66.0 0.0.0.255 access to 192.168.1.1 0.0.0.0 and then bind to VLAN 66 using deny to prevent all other traffic from VLAN 66 but this obviously is not the right way to do this. Can anyone help and/or point me to a reference for creating these rules?
Thanks in advance - Jason
09-27-2020 12:15 AM - edited 09-27-2020 12:16 AM
As per my understanding, if you allow only 1 gateway IP 192.168.1.1, everything is blocked by default.
Instead, you can do as below:
Deny the other subnets that are not required to have access, allow the rest, and test it.
Example: from VLAN 66 to 50/20 deny (make sure the ACE is bound to the VLAN interface for it to work).
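The two rule sets discussed in this thread can be compared offline with a small first-match ACL model. This is an added example, not part of either post and not switch configuration. It assumes the deny list is extended to every internal VLAN named in the question, that the question's permit to 192.168.1.1 is kept as the first rule, and that 192.168.66.130 and 203.0.113.10 (a documentation address standing in for an internet host) are constructed sample addresses.

```python
import ipaddress

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def matches(ip, base, wildcard):
    """Wildcard-mask match: bits set to 1 in the wildcard are ignored."""
    care = ~_int(wildcard) & 0xFFFFFFFF
    return (_int(ip) & care) == (_int(base) & care)

def evaluate(acl, src, dst, default="deny"):
    """First matching ACE decides; otherwise the default action set at bind time."""
    for action, (s_base, s_wc), (d_base, d_wc) in acl:
        if matches(src, s_base, s_wc) and matches(dst, d_base, d_wc):
            return action
    return default

GUEST = ("192.168.66.0", "0.0.0.255")
ANY = ("0.0.0.0", "255.255.255.255")
ROUTER = ("192.168.1.1", "0.0.0.0")

# From the question: permit guest -> router address only, bound with default deny.
ORIGINAL_ACL = [("permit", GUEST, ROUTER)]

# Following the reply: deny guest -> internal VLANs, permit the rest.
SUGGESTED_ACL = [
    ("permit", GUEST, ROUTER),  # assumption: kept so the router itself stays reachable
    ("deny", GUEST, ("192.168.1.0", "0.0.0.255")),   # 1-Management
    ("deny", GUEST, ("192.168.10.0", "0.0.0.255")),  # 10-Server
    ("deny", GUEST, ("192.168.20.0", "0.0.0.255")),  # 20-Office
    ("deny", GUEST, ("192.168.50.0", "0.0.0.255")),  # 50-IofT
    ("permit", GUEST, ANY),                          # everything else
]

# Constructed sample destinations, all tested from one guest host.
FLOWS = {"internet": "203.0.113.10", "router": "192.168.1.1",
         "switch": "192.168.1.254", "office": "192.168.20.80", "iot": "192.168.50.20"}

def verdicts(acl, src="192.168.66.130"):
    """Return the permit/deny decision per sample destination."""
    return {name: evaluate(acl, src, dst) for name, dst in FLOWS.items()}

if __name__ == "__main__":
    for label, acl in (("original", ORIGINAL_ACL), ("suggested", SUGGESTED_ACL)):
        print(label, verdicts(acl))
```

The model makes the failure visible: internet-bound packets carry the remote host's address as destination, not 192.168.1.1, so the original single permit never matches them and the default deny applies.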