Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Public Secure Packet Forwarding (PSPF)

I want to enable PSPF in my wlan to prevent communication between wifi clients. You can do that on the access point, but it only has effect on the clients connected to this AP. So if you have a big wifi network, the clients connected to different AP's can connect between them. The help of the AP says: “To prevent communication between clients associated to different access points on your wireless LAN, you must set up protected ports on the switch to which your access points are connected”. But I think the domain of application of “protected ports” is only one switch, so the clients connected to AP's in different switches can connect between them. How can I avoid that in the entire network? Thanks


Re: Public Secure Packet Forwarding (PSPF)

Make sure that The feature or the mode that performs the similar function of PSPF in Lightweight architecture is called peer-to-peer blocking mode. Peer-to-peer blocking mode is actually available with the controllers that manage the LAP. If this mode is disabled on the controller, which is by default, it allows the wireless clients to communicate with each other through the controller. If the mode is enabled, it blocks the communication between clients through the controller.It only works among the APs that have joined to the same controller. When enabled, this mode does not block wireless clients terminated on one controller from the ability to get to wireless clients terminated on a different controller, even in the same mobility group.