VLAN ACLs?

djdrastic · February 15, 2022, 10:18am

Have a weird scenario/use case.

Using a certain brand of equipment at a customer site for sensor and IOT connections.
We tighten security via MAC ACLs + vlan access-maps and vlan filter mappings tied to a certain vlan to ensure there is no device to device comms.Security on l3 gateway/firewall further restrict comms to only a certain server + service they use.

Have prodded around on the CLI and can’t quite get a 1:1 to what I’m used to so checking with the forum if anyone has used cnMatrix like this ?

Having real stock supply issues with the equipment we are using for this site and checking for a suitable replacement.

djdrastic · February 17, 2022, 10:50am

Really no need or want for a feature like this ?
A good chunk of the components I can see are already available in cnMatrix firmware.

gervais90 · February 21, 2022, 4:46am

Pretty sure you can set up something like this in the GUI, if you click on ACL & QoS on the left, then ACL below that, the first page you should open will be the “MAC ACL Configuration” page.

If you configure an example rule here and save your config, then it should give you the CLI equivalent when you do a show run.

You can use that as a baseline for the rest of the rules you need to set up via the CLI.

djdrastic · February 21, 2022, 6:40am

Wow how did I miss this ? Let me go give this a shot and see if I can make it work.
Thx a bunch

djdrastic · February 22, 2022, 7:36am

So far so good.
This looks like it might work.