Configure Port Isolation
Network Requirements
- PC1 and PC2 are connected to Device, and they are in the same VLAN, VLAN2.
- On Device, port isolation has been configured; therefore, PC1 and PC2 cannot communicate with each other.
Network Topology
Figure 2-1 Networking for Configuring Port Isolation
Configuration Steps
Step 1: Configure a VLAN, and configure the link type of the ports.
#On Device, create VLAN2.
|
Device#configure terminal
Device(config)#vlan 2
Device(config-vlan2)#exit
|
#On Device, configure the link type of ports gigabitethernet0/1 and gigabitethernet0/2 to Access and allow the services of VLAN2 to pass.
|
Device(config)#interface gigabitethernet 0/1-0/2
Device(config-if-range)#switchport mode access
Device(config-if-range)#switchport access vlan 2
Device(config-if-range)#exit
|
Step 2: Configure port isolation.
#On Device, configure the isolation group.
|
Device#config terminal
Device(config)#isolate group 1
Device(config-isolate-group1)#
Device(config-isolate-group1)#end
Device#show isolate group 1
---------------------------------
isolate group 1
ingress member:
egress member :
both member :
|
#On Device, configure port isolation between port gigabitethernet0/1 and port gigabitethernet0/2.
Device#config terminal Device(config)#isolate group 1
Device(config-isolate-group1)#interface gigabitethernet 0/1-0/2
Device#show isolate group 1
------------------------------------------------
isolate group 1
ingress member:
egress member :
both members : gi0/1-0/2
#On Device, query the port isolation information.
Device#show isolate interface gigabitethernet 0/1-0/2
interface gigabitethernet0/1 isolated information
isolate group 1 mode: both
isolated interface:
gi0/2
interface gigabitethernet0/2 isolated information
isolate group 1 mode: both
isolated interface:
gi0/1
Step 3: Check the result.
#PC1 and PC2 cannot communicate with each other.
Switch
.png){kind=icon}
.png){kind=logo}
