Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Preventing wireless clients from communicating with each other

Simple question I suppose. Assume 2 conditions - a single access point and multiple access points.

Is there any feature to prevent clients from talking at layer2?


Re: Preventing wireless clients from communicating with each oth

Hi John!

For a single access point, it's absolutely (well, probably) possible, just enable "Public Secure Packet Forwarding" (PSPF). PSPF was designed for client security in "hotspot" situations to prevent one user from hacking another. Whether it works for something like NETBIOS, I don't know (but I'll check).

You can find it in the "Interface" page of the Web GUI, or add it as a CLI command under the SSID.

As for multiple APs, I'm not sure (but I'll check). I believe it would be more possible in the LWAP deployment, since all of the APs are under central control ... but perhaps it is also implemented in some form or fashion for stand-alone units as well.

A quick searh on the Cisco Main site I found this fragment:


Note: To prevent communication between clients associated to different access points, you must set up protected ports on the switch to which the wireless devices are connected. See the "Configuring Protected Ports" section for instructions on setting up protected ports.

(end qoute)

Here's the link, the (brief) info and CLI config is under the "Configuring PSPF" section.

I'll poke around some if I get the chance and re-post if I find anything good.

Good Luck


(Merry Christmas / Happy Holidays)

New Member

Re: Preventing wireless clients from communicating with each oth


Just call me spidey and get that out of the way. ;)

I appreciate you pointing me in the right direction. I'll check more into the PSPF feature.