You should now be able to use the http interface to gain access to the settings without using the LAN connections (eg via )ħ. Connect a client (laptop etc) to the WAN port nailed up on the same subnet as the WAN (eg 192.168.1.50) (a router reboot may be needed here)Ħ. Nail up the WAN IP to something other than the default LAN 192.168.0.0/24 subnet (eg 192.168.1.1)ĥ. Enable remote management via the WAN port (normally taboo for me) with subnet 0.0.0.0/0 permissions (keeping it simple)Ĥ. To reproduce the problem (do as a bench setup not connected to a real network)ģ. ![]() Effectively you can't even talk to yourself! This leaves you unable to communicate on any LAN port included in such a rule. With version 1.2 the firmware gets carried away and blocks traffic between valid members of "IPGROUP_LAN" as well. This isolates each network from all the others and is a cornerstone of my security policy. I have tailored versions of the rule for each of my 5 networks. With version 1.1.1 software this does what I expect and want which is to block access to IPGROUP_LAN from all other LANs thereby isolating it. Source Network: !IPGROUP_LAN (note the " !" at the front meaning "everything that is not IPGROUP_LAN") Name: IPGROUP_LAN_Isolation (default "IPGROUP_LAN" is subnet 192.168.0.0/24 on VLAN 1) Version 1.2 is wrongly applying a firewall access control rule that works as you would expect and as anyone would want in SW ver 1.1.1. I certainly don't want to put them in to service if they are not Finger pointing done and bug pinned down. I have just purchased three of these for a system upgrade and want to start them off with the latest firmware. This suggests ARP worked at least briefly.Ī fix would be much appreciated. Not even a ping at either the config files static address or the routers default 192.168.0.1ģ.1 Router is totally stand alone with just a laptop connected to ER605 port 5 and works fine with the old firmwareģ.2 All variations of IP addressing tried: nailing up both ends, DHCP at each end in turn pinging all plausible addresses etc etcģ.3 Main config features are: 2xWAN ports, 6 VLANS (including "1") all tagged on port 4, Ports 3&5 untagged VLAN 1, Individual DHCP for each VLANĤ.1 When playing with the Router and laptop IP addresses regardless of settings (I think) the router redirects the webpage to an autoconfiguration address (160.x.x.x) before falling silent.Ĥ.2 Whilst the router does not respond to pinging, it times out at the expected address rather than be declared "unreachable" like all the other addresses. Not even a ping at either the config files static address or the routers default 192.168.0.1Ģ.3 New firmware runs fine on default configĢ.5 Doesn't route and can't communicate with router. The problem is best illustrated by the following scenario (hardware version is V1.0):ġ.With 1.1.1 Build 20210723 Rel.64608 loaded prior to upgrade:Ģ After upgrade to ER605(UN)_V1_1.2.0 Build 20220114Ģ.1 Doesn't route and can't communicate with router. I have spent many hours doing many things to try and get a good result bu to no avail. ![]() The latest firmware will not work with my existing config which runs fine on version 1.1.1 Build 20210723 Rel.64608.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |