Header Only - DO NOT REMOVE - Extreme Networks

1 port per vlan across 6 switches


I have a 136 unit apt property that has 6 X440 switches, 3 in one closet and 3 in another, not stacked but connected together. Port 1 of switch 1 is connected to the firewall that is VLAN capable. All ports are currently in the default VLAN.

This is a 55+ complex that the customer assumed that most of the tenants would use the provided wifi (c35 with 54 APs) for their internet. One port was provided for each unit in case they wanted to use for a PC.

The complex is approx 70% occupied and over half have their own wireless router that they are using. We were only to provide the network and the wireless and not provide support to the tenants. This was a bad decision!!

We have had more than one apt plugging in Uverse/cable gateways that they brought with them, or wireless routers and plugging in the lan port of routers into the wall jack, so now there are multiple devices with DHCP handing causing all sorts of havoc.

I have meters setup and working on all of the ports for free or paid levels of service and all of that is working.

What I am trying to do now is set up each port on a separate VLAN so that each apt is isolated, but I cant seem to get this configuration figured out. The router will provide DHCP per VLAN.

How is the best way to get this configured?

6 replies

Userlevel 4
I would use the port isolation feature or the private VLAN to isolate ports from each other at layer 2 without creating a VLAN for each port.
Kevin Kim wrote:

I would use the port isolation feature or the private VLAN to isolate ports from each other at layer 2 without creating a VLAN for each port.

Ditto
Ok I will look at that.

Does port 1 that goes to the router and the ports that are linking the switches together then belong to all private VLANs?
Userlevel 4
I think you can go with the port isolation feature first before going towards the private VLANs.

# configure ports isolation [on|off]
Userlevel 6
Kurt,

Make sure you don't turn on isolation on your uplink port. That would not be good. Just your edge ports.

Any port in isolation mode can only talk to a port not in isolation mode
Thank you all for the help. Looks like this was the fix.

Reply