I'd like to take advantage of the 'protected port' feature of my SG 300 and SG 10 switches, but it seems that the isolation offered only works with devices within the switch - i.e. it does not isolate the port against the switch that the switch is connected to.
Here's my setup.
(to be isolated)
10p Switch B 10p Switch C 10p Switch D
| | |
============== 28p Switch A==============
The wireless access point needs to be isolated, presumably with a protected port. The protexted port does isolate against everything in Switch B, but anything connected to Switch A is still accessible. Is there any way, using protected ports, to extend this functionality without isolating every other device connected to Switch B?
If you don't want wireless users to have access to devices on the network, this is usually done via assigning wireless users to a dedicated VLAN and applying an access-list to the Layer 3 gateway that services that VLAN.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...