Are port based VLAN’s in the road map for future firmware?
Also:
Inbound/Outbound Firewall Rules - It would be nice to be able to allow multiple IP’s to be pointed to a certain VLAN.
Example:
Inbound:
WAN - ANY
Protocol - UDP
Source IP - 24.54.34.X (East Coast SIP Server)
173.45.65.X (Midwest SIP Server for Redundancy)
26.45.45.X (West Coast SIP Server for Redundancy)
Port - 5060
Destination - 10.10.20.0/24
Port - ANY
Outbound:
WAN - ANY
Protocol - UDP
Source IP - 10.10.20.0/24
Port - ANY
Destination - 24.54.34.X (East Coast SIP Server)
173.45.65.X (Midwest SIP Server for Redundancy)
26.45.45.X (West Coast SIP Server for Redundancy)
Port - 5060
The reasoning behind this is because our customers have a primary SIP sever depending on geographical location. Every Data center is mirrored for every customer for redundancy and maintenance purposes. Each data center has a /24 network Ex. 10.195.23.0/24 and our customer feature server could be 10.195.23.75 and in the event of a data center failure all traffic could revert to the secondary data center ex. 10.200.24.0/24 and so forth.
I agree, Each LAN port needs to function as it’s own unique configuration, from VLAN to network IP Addresses to VPN’s. Essentially a complete virtual router per LAN Port.