XS 1930 no policy route in ACL?
HI
I am trying to setup a classifier and policy route as from the Zyxel tutorial below to forward traffic from one vlan to the other, or deny from one vlan to the other.
it was easy to setup the classifier, but then in policy rules, there is no sequence or next hop to define where to send the traffic. So, maybe the nomenclature is changed in XS1930, can you please help how to setup a rule configuration as in the Zyxel example below?
many thanks!!
===zyxel tutorial: Article ID 011483
e. Create profile name on "Policy Routing" page named "Routing".
f. Click "Rule Configuration".
g. Set up Sequence as 1.
h. Choose classifier "Office A to NAS".
i. Set up next hop as 192.168.30.1 then click "Add" to add the rule.
j. Set up sequence as 2.
k. Chose classifier "Office B to NAS".
l. Set up next hop as 192.168.30.1 then click "Add" to add the rule.
n. Set up sequence as 3.
m
All Replies
-
Hi @user456,
Since the XS1930 is a lite-L3 switch, it does not support the policy route function but only the static route function.
However, your purpose “forward traffic from one vlan to the other, or deny from one vlan to the other.” could be done by the classifier and policy rule. You don't need to set a policy route.
You could reference this FAQ to set up. Please feel free to ask if there have any questions.
Zyxel Melen0 -
hi would this be included in the additional L3 license pack? thanks!
0 -
And additionally: our problem is that the switch does not give access between the different VLans. Thus, with classifier and policy rule, we can just configure how some traffic will be blocked, but how to configure that the VLans can see each other?
0 -
Hi @user456,
To access different VLANs, you need the inter-VLAN route function. However, the XS1930 switch does not support this function. You will need a router/firewall to route the traffic between different VLANs.
Furthermore, the access L3 license pack does not include the policy route or inter-VLAN route functionality. You could check our datasheet or XS1930 features page for more information about what function does access L3 license support.
Zyxel Melen0 -
hi, too bad, but thanks. do you have a recommendation for a L3 switch who support this basic inter-VLAN route functionality? I thought it's kind of standard nowadays…
BTW: I don't know why but the VLANs can see each other now without any additional router. How can this be explained if the switch does not have this functionality? many thanks!0 -
Hi @user456
Apologize for the misleading.
I confirm again and found that XS1930 supports the inter-VLAN route.Please feel free to setup the VLAN IP interface and configure the VLAN IP as your client's default gateway IP address.
Zyxel Melen0 -
Hi, I've configured vlan routing, but performance is very bad, something like 30mbit/s is this normal ?
If those are the expected performance it is unusable.
let me know
best regards
SP
0 -
Hi @sp2001,
Could you share your configuration and the test method (like your PC's OS and the adapter information) with me to clarify?
Zyxel Melen0 -
Hi @sp2001,
I did a local test and found that the file transfer speed is about 80 MB/s in 1G link speed.
Could you share how did you test the performance?
Zyxel Melen0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 149 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 263 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight
