Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
854
Views
0
Helpful
2
Replies

Preventing wireless clients from communicating with each other

jroyster
Level 1
Level 1

‎12-13-2006 06:00 PM - edited ‎07-03-2021 01:22 PM

Simple question I suppose. Assume 2 conditions - a single access point and multiple access points.

Is there any feature to prevent clients from talking at layer2?

Labels:
0 Helpful
2 Replies 2

scottmac
Level 10
Level 10

‎12-13-2006 07:54 PM

Hi John!

For a single access point, it's absolutely (well, probably) possible, just enable "Public Secure Packet Forwarding" (PSPF). PSPF was designed for client security in "hotspot" situations to prevent one user from hacking another. Whether it works for something like NETBIOS, I don't know (but I'll check).

You can find it in the "Interface" page of the Web GUI, or add it as a CLI command under the SSID.

As for multiple APs, I'm not sure (but I'll check). I believe it would be more possible in the LWAP deployment, since all of the APs are under central control ... but perhaps it is also implemented in some form or fashion for stand-alone units as well.

A quick searh on the Cisco Main site I found this fragment:

(quote)

Note: To prevent communication between clients associated to different access points, you must set up protected ports on the switch to which the wireless devices are connected. See the "Configuring Protected Ports" section for instructions on setting up protected ports.

(end qoute)

Here's the link, the (brief) info and CLI config is under the "Configuring PSPF" section.

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_guide_chapter09186a0080341d17.html#wp1038494

I'll poke around some if I get the chance and re-post if I find anything good.

Good Luck

Scott

(Merry Christmas / Happy Holidays)

0 Helpful

jroyster
Level 1
Level 1
In response to scottmac

‎12-13-2006 08:42 PM

Scott,

Just call me spidey and get that out of the way. ;)

I appreciate you pointing me in the right direction. I'll check more into the PSPF feature.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card