VMG8825-T50 - VLAN ACL separation

Hey,

I want to separate single device connected to LAN4 from rest of the network (so they cannot communicate whatsoever).

The router is VMG8825-T50.

  1. I have created VLAN Group

2. Setup interface group

3. Setup ACL for test for specific IPs (AA names in the ACL, are the same as VLAN2→VLAN1, except I have used different directions).

4. This is the ACL seutp for VLAN2 → VLAN1

5. Yet, I can still ping 192.168.1.85 (Default Group) from 192.168.2.3 (VLAN 2 Group). I would expect the ping to fail.

  1. Am I doing something wrong or missing something?
  2. Currently I am using specific IPs of the devices. Can I do it globally between the VLANs regardless of devices individual IPs?

All Replies

  • Chuckie1000
    Chuckie1000 Posts: 2
    First Comment

    The ACL doesn't seem to work on the local devices.

    If I set either source or destination to ANY and drop it for every direction, the internet connection gets dropped, but I can still ping and communicate with other devices on the local network 😥.

Consumer Product Help Center