Policy Based Routing - EdgerouterX

Hi all,

I've attempted to get PBR working and it's been a confusing experience.

I've set it up as follows:

Code:
set protocols static table 11 interface-route 0.0.0.0/0 next-hop-interface eth0
set protocols static table 12 interface-route 0.0.0.0/0 next-hop-interface eth1

set firewall group network-group vlans network 192.168.10.0/24
set firewall group network-group vlans network 192.168.20.0/24
set firewall group network-group vlans network 192.168.30.0/24
set firewall group network-group vlans network 192.168.100.0/24
set firewall group network-group vlans network 192.168.200.0/24

set firewall modify PBR rule 10 description inter-vlan
set firewall modify PBR rule 10 destination group network-group vlans
set firewall modify PBR rule 10 modify table main

set firewall modify PBR rule 20 description vlan10
set firewall modify PBR rule 20 source address 192.168.10.0/24
set firewall modify PBR rule 20 modify table 11

set firewall modify PBR rule 30 description vlan20
set firewall modify PBR rule 30 source address 192.168.20.0/24
set firewall modify PBR rule 30 modify table 12

set firewall modify PBR rule 40 description vlan30
set firewall modify PBR rule 40 source address 192.168.30.0/24
set firewall modify PBR rule 40 modify table 12

set firewall modify PBR rule 50 description vlan100
set firewall modify PBR rule 50 source address 192.168.100.0/24
set firewall modify PBR rule 50 modify table 11

set firewall modify PBR rule 60 description vlan200
set firewall modify PBR rule 60 source address 192.168.200.0/24
set firewall modify PBR rule 60 modify table 12

set interfaces ethernet eth4 vif 10 firewall in modify PBR
set interfaces ethernet eth4 vif 20 firewall in modify PBR
set interfaces ethernet eth4 vif 30 firewall in modify PBR
set interfaces ethernet eth4 vif 100 firewall in modify PBR
set interfaces ethernet eth4 vif 200 firewall in modify PBR

LAN (vif 1) is working fine.
VLAN30 IoT is partially working: Alexa devices working fine, all others failing to connect (Tapo cams and lights).
VLAN10 Work is not working.
Other VLANs not tested as I was doing this before work and ran out of time, so I reverted back to the last working state without PBR.

Should I have created/done the following in addition to the above?
Code:
set protocols static table 13 interface-route 0.0.0.0/0 next-hop-interface eth1
set protocols static table 14 interface-route 0.0.0.0/0 next-hop-interface eth0
set protocols static table 15 interface-route 0.0.0.0/0 next-hop-interface eth1

There was no mention of adding vif 1 to any rule in the Ubiquiti guide, so I have not done so.

Does anyone have any experience with this?

TIA
 
Adding the additional lines was the ticket to getting this working:

set protocols static table 13 interface-route 0.0.0.0/0 next-hop-interface eth1
set protocols static table 14 interface-route 0.0.0.0/0 next-hop-interface eth0
set protocols static table 15 interface-route 0.0.0.0/0 next-hop-interface eth1
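
The PBR rule set from the first post, traced offline as an added example (not part of the original posts and not Ubiquiti code): a small Python evaluator that replays the posted `modify PBR` rules to show which routing table a given flow would be steered into. It assumes the rules are evaluated in ascending rule number with the first match deciding the table; the function names and the sample addresses in the usage are constructed for illustration.

```python
import ipaddress

# PBR group and rule lines copied from the post above (descriptions omitted).
CONFIG = """
set firewall group network-group vlans network 192.168.10.0/24
set firewall group network-group vlans network 192.168.20.0/24
set firewall group network-group vlans network 192.168.30.0/24
set firewall group network-group vlans network 192.168.100.0/24
set firewall group network-group vlans network 192.168.200.0/24
set firewall modify PBR rule 10 destination group network-group vlans
set firewall modify PBR rule 10 modify table main
set firewall modify PBR rule 20 source address 192.168.10.0/24
set firewall modify PBR rule 20 modify table 11
set firewall modify PBR rule 30 source address 192.168.20.0/24
set firewall modify PBR rule 30 modify table 12
set firewall modify PBR rule 40 source address 192.168.30.0/24
set firewall modify PBR rule 40 modify table 12
set firewall modify PBR rule 50 source address 192.168.100.0/24
set firewall modify PBR rule 50 modify table 11
set firewall modify PBR rule 60 source address 192.168.200.0/24
set firewall modify PBR rule 60 modify table 12
"""

def parse(config):
    """Return (groups, rules) parsed from EdgeOS 'set' commands."""
    groups, rules = {}, {}
    for tok in (line.split() for line in config.splitlines()):
        if tok[:4] == ["set", "firewall", "group", "network-group"]:
            groups.setdefault(tok[4], []).append(ipaddress.ip_network(tok[6]))
        elif tok[:5] == ["set", "firewall", "modify", "PBR", "rule"]:
            rule, rest = rules.setdefault(int(tok[5]), {}), tok[6:]
            if rest[:2] == ["source", "address"]:
                rule["src"] = ipaddress.ip_network(rest[2])
            elif rest[:3] == ["destination", "group", "network-group"]:
                rule["dst_group"] = rest[3]
            elif rest[:2] == ["modify", "table"]:
                rule["table"] = rest[2]
    return groups, rules

def lookup_table(src, dst, config=CONFIG):
    """First matching rule (ascending number) decides the table; else main."""
    groups, rules = parse(config)
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for num in sorted(rules):
        r = rules[num]
        src_ok = "src" not in r or src in r["src"]
        dst_ok = "dst_group" not in r or any(dst in n for n in groups.get(r["dst_group"], []))
        if src_ok and dst_ok and "table" in r:
            return num, r["table"]
    return None, "main"  # assumption: unmatched traffic is left on the main table
```

For instance, `lookup_table("192.168.30.7", "192.168.10.5")` returns rule 10 and table `main` (inter-VLAN traffic), while the same source to an Internet address falls through to rule 40 and table 12.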
 