I've had my Vigor2865ax for a couple of weeks and slowly finding my way around. On my last Netgear router i bound all my devices MAC-IP so i could keep track of exactly what's on my network from a security perspective. I've followed the same route with my Vigor but have come across an issue with those devices that connect through a TP Link RE450 Repeater.
They can see and connect to anything within the LAN but cannot connect to the internet when Bind IP to MAC is enabled! Repeater is setup for 2.4ghz only (5ghz is disabled) and the correct MAC has been added to the IP Bind list but it just doesnt allow access. Disable Bind to MAC and everything is fine.
Any advice appreciated.

Gary

Just to clarify what you're doing, are you basically using what we used to call "MAC filtering" which means that a device cannot connect to the network unless it's MAC is allowed? Or are you simply binding MAC to IP so you know what IP address a given device will always be on? Last question, what type of devices are you connecting?

Its actually both.
Note:
1. IP-MAC binding presets DHCP Allocations.
2. If Strict Bind is enabled, unspecified LAN clients in the selected subnets cannot access the Internet.

The devices are a PC, an Apple TV and a Energenie MiHome controller all passing through a TPLink Extender. Like i said i can ping them all from within the LAN.
I thought the Repeater was possibly changing the MAC address as it forwards it to the router but the above doesnt appear to support that theory.

Is the extender's MAC address also included amongst all the addresses?

Yes both 2.4 and 5ghz MAC addresses have been included

on recent training it was mentioned not to enable strict bind as "it causes more problems than anything else". If you are trying to stop devices from having any access then maybe use binding without strict mode and keep your range well defined ie DHCP pool 100-150 with 25 taken up and then put a firewall rule in place to limit anything from 126-150 from accessing any resource.

Also it is very easy to spoof a mac address and is actually a technique that you use from time to time to accomplish an objective.