Extreme Networks

dcsdne · ‎02-12-2020

I am attempting to block client to client communication on B@AP topologies.

I found this:

https://extremeportal.force.com/ExtrArticleDetail?an=000080875

But just like it says this feature does not work on B@AP topologies.

I then moved onto this solution:

https://extremeportal.force.com/ExtrArticleDetail?an=000067499

Using this I am able to reach the gateway on my 10.x.x.x network, but I’m unable to reach anything on my 172.x.x.x network where my DNS lies. It would stand to reason that the deny rule is only for the 10.x.x.x network. I want to block the clients from talks to each other not block them from file/print servers.

Am I missing something?

dcsdne · ‎02-13-2020

Correct and That worked. Thank you very much for your help.

View solution in original post

dcsdne · ‎02-13-2020

Correct and That worked. Thank you very much for your help.

Ronald_Dvorak · ‎02-13-2020

Could you also post the settings for the other tab (example below)…..

58a5289d9e3f482a8832f582710e7d3a_6b72a953-a751-4192-b369-8b79df211695.png

I’d assume that the client topology is 906 in your example.

In that case set it as above to contain VLAN and use the 906 topology and set the last rule to allow instead of action 906.

In that case the rule set would ….

allow the default GW of 10.5.0.1
deny the rest of 10.5.0.0/22
allow all other traffic (i.e. DNS)

Ron

dcsdne · ‎02-13-2020

4d5ddd90cb054579af8f5b39a51842ef_d33bf6a6-9d2e-4002-a152-be89e311e50f.png

Ronald_Dvorak · ‎02-13-2020

Could you please post a screenshot of the rule set that you use in the role.

-Ron

Extreme Networks

Blocking Client to Client communication

Blocking Client to Client communication