ACLs are not blocking as expected
I'm trying to get an ACL set up on my switch (no VLAN) to block traffic to a certain host, but allow 3 dedicated hosts to access it.
So I created an extended IPv4 ACL rule that blocks all IPv4 traffic to the given host and applied this ACL to all ports except the ones that should still allow access. Port 18 is the to-be-blocked host (KNX/IP gateway, 192.168.114.2). On port 22 is my router, 28 is a Raspberry with openHAB, 30 is my notebook. Those should have access. In addition there is e.g. a Raspberry with Pi-hole on port 48 which should not be allowed to access the host.
The issue now is that, although only those whitelisted ports should have access, the Pi-hole can still access that host. That includes e.g. ping as well as HTTP traffic. Another host on my network like a NAS and another one don't have access, as expected by the rule. Now I'm wondering why this is the case. Does anyone have a clue or an idea how to debug this?
Re: ACLs are not blocking as expected
Hey DaneA,
thanks for looking into this. Yes, I meanwhile created a ticket (#45446388, Mike) and we already did some tests - but still no solution. Will be escalated now to Level 3 support.
Cheers
Veit