https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60884#M17704 <P>Can’t help you with your problem but if this vlan spans across several different switches, then port isolation is not the way to go anyways… Private VLAN would be the best solution here or ACLs.</P> Wed, 24 Feb 2021 00:31:00 GMT Stefan_K_ 2021-02-24T00:31:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60883#M17703 <P>I would like to isolate some of my clients from other clients in the same VLAN.</P><P>&nbsp;</P><P>I need each isolated client to be able to:</P><UL><LI>Receive DHCP from DHCP server</LI></UL><UL><LI>Access the internet</LI></UL><P>But I need each isolated client not to be able to talk in any way to the other isolated clients</P><P>&nbsp;</P><P>I would also like to be able to ping the isolated clients from my laptop on a port that is not isolated for monitoring</P><P>&nbsp;</P><P>I have tried to simulate this using eg:</P><P>configure ports 33 isolation on</P><P>configure ports 34&nbsp;isolation on</P><P>&nbsp;</P><P>When I plug two laptops into 33 and 34 and run wireshark on the laptop on port 34 I can see some broadcast messages from coming from the laptop in port 33&nbsp;</P><P>&nbsp;</P><P>Am I missing something - is my design OK?</P><P>Or do I need to restart the switch or something after issueing the command?</P><P>&nbsp;</P><P>Switch type:&nbsp;X440G2-48td-10G</P><P>Version: 21.1.4</P><P>&nbsp;</P><P>Thanks for any help!</P><P>James</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 24 Feb 2021 00:23:29 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60883#M17703 jamesrdelaney 2021-02-24T00:23:29Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60884#M17704 <P>Can’t help you with your problem but if this vlan spans across several different switches, then port isolation is not the way to go anyways… Private VLAN would be the best solution here or ACLs.</P> Wed, 24 Feb 2021 00:31:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60884#M17704 Stefan_K_ 2021-02-24T00:31:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60885#M17705 <P>Hi Stefan</P><P>So port isolation only works on a single switch?</P><P>Thanks</P><P>James</P><P>&nbsp;</P> Wed, 24 Feb 2021 23:42:14 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60885#M17705 jamesrdelaney 2021-02-24T23:42:14Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60886#M17706 <P>If you use port isolation in two switches and connect them via a distribution switch, the clients on one switch will still see the clients on the other one unless the dist also uses isolation. If you cascade the switches (no dist between them), you can isolate the downlink to the “downstream” switch in the “upstream” switch, but it will not work if you use EAPS or RSTP for redundancy.</P><P>If you still see broadcasts between two isolated ports, this feature may not be very good. I’d recommend upgrading to a recent EXOS before experimenting further. Right now, <A href="https://documentation.extremenetworks.com/release_notes/ExtremeXOS/30.7.1-Patch1-54/" target="_blank" rel="nofollow noreferrer noopener">EXOS 30.7.1.1-patch1-54</A> is recommended for X440-G2 and <A href="https://documentation.extremenetworks.com/release_notes/ExtremeXOS/31.2/?_ga=2.31602238.1679049190.1614609371-1179638536.1604529798" target="_blank" rel="nofollow noreferrer noopener">EXOS 31.2.1.1&nbsp; </A>is the “Recommended Latest Feature Release”. I’d go for 31.2.</P> Tue, 02 Mar 2021 00:38:15 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/port-isolation/m-p/60886#M17706 FredrikB 2021-03-02T00:38:15Z