Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Isolating client ports

Hi

For safety I want to isolate client ports (using protected port).

Doing this client ports can not speek with each other, only uplink ports.

When clients are on the same subnet, and on same switch, they can not reach each other then.

How do you solve this?

3 REPLIES
Purple

Isolating client ports

Hi,

PVLAN lite or Protected Ports works this way:

protected ports can't talk to each other unless you use routing although they are in the same VLAN but they can talk at L2 with other ports  in the same VLAN that are non protected.

Regards.

Alain.

Don't forget to rate helpful posts.
New Member

Isolating client ports

Thanks, I know.

But I want them to be able to reach each other on L3.

When they are on the same subnet, how do I solve that?

Purple

Isolating client ports

Hi,

I think if the switch is L3 just creating an SVI for this VLAN with proxy-arp enabled should do it but I've never implemented it and I've got no real gear here to test. Having a router in the same vlan with proxy-arp enabled should also work.

Alain.

Don't forget to rate helpful posts.
230
Views
4
Helpful
3
Replies