I am looking to isolate ports 1-23 from seeing one another, yet I would like to share port 24 (uplink to Internet connection) with each port.
(so that each computer could see the Internet, but could not see each other)
I've found a million documents which look promising, but never quite address the goal I am trying to reach. If anyone could either share the proper commands with me, or point me to a definitive document, it would help me tremendously.
Have you ever read this feature?
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.
Protected ports have these features:
â¢A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.
â¢Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
â¢Protected ports are supported on IEEE 802.1Q trunks.
Please check out this link . C2950 Right?
Switch# configure terminal
Switch(config)# interface range fastethernet0/1 - 23
Switch(config-if)# switchport protected