I'm trying to get an ACL setup on my switch (no VLAN) to block traffic to a certain host, but allow 3 dedicated hosts to access it.
So I created an extended IPv4 ACL rule that blocks all ipv4 traffic to the given host and applied this ACL to all ports, except the ones, that should still allow access. Port 18 is the to-be-blocked host (KNX/IP gateway, 192.168.114.2), On port 22 is my router, 28 is a raspberry with Openhab, 30 is my Notebook. Those should have access. In additional there is e.g. a rasperry with Pi-Hole on port 48 which should not be allowed to access the host.
The issue is now, that although only those whitelisted ports should have access, the Pi-Hole can still access that host. That includes e.g. ping as well as HTTP traffic. Another host on my network like a NAS and another one don't have access as expected by the rule. Now I'm wondering why this is the case. Anyone has a clue or an idea to debug this?
Model: GS752TPv2|48-Port Gigabit Ethernet PoE+ Smart Managed Pro Switch with 4 SFP Ports (380W)
I inquired your concern to the higher tier of NETGEAR Support and they strongly advised that you open a support ticket here at anytime for further investigation.
thanks for looking into this. Yes, I meanwhile created a ticket (#45446388, Mike) and we already did some tests - but still no solution. Will be escalated now to Level 3 support.
