You need some place for them to talk to (router). Take ports out of the VLAN that you don't want talking at all.
It's an education\configuration issue. ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "Josh Luthman" <[email protected]> To: [email protected] Sent: Wednesday, August 31, 2016 9:27:44 AM Subject: Re: [AFMUG] Netonix That's true. But AP1 can talk to ports 3-12. As could AP2 talk to ports 3-12. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Aug 31, 2016 at 10:25 AM, Ty Featherling < [email protected] > wrote: Luthman what are you expecting port isolation to do? If I enable isolation on two ports that both feed APs then clients on AP1 cannot directly communicate via L2 with clients on AP2. They have to go to the router first where they can be firewalled. It works like Client Isolation on the APs but across the switch. I use it too and like Cassidy said it keeps bridge tables tidy and keeps broadcasts contained. -Ty On Wed, Aug 31, 2016 at 9:15 AM, Josh Luthman < [email protected] > wrote: <blockquote> On the AP (wireless deal) it works like you would think. None of the stations/CPE/SM see each other. Netonix port isolation does NOT have the same behavior. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Aug 31, 2016 at 10:14 AM, Jeremy < [email protected] > wrote: <blockquote> ...but not if you have client isolation enabled in the AP, right? On Wed, Aug 31, 2016 at 8:07 AM, Josh Luthman < [email protected] > wrote: <blockquote> Sort of. If you have ISO on CPE1, CPE2+ all still get the traffic from CPE1. CPE being a wireless SM connected to an AP. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Aug 31, 2016 at 10:04 AM, Cassidy B. Larson < [email protected] > wrote: <blockquote> For ISO think of APs on a tower. Each AP has ISO enabled so they cant talk to each other, MAC addresses dont pollute each AP’s bridge table, etc. I have ISO disabled on the backhaul/router since it needs to talk to everybody. Enabling this cut down on huge mac table sizes on each AP at a site with a lot of APs and a lot of customers. DS is DHCP snooping. <blockquote> On Aug 31, 2016, at 8:01 AM, Josh Luthman < [email protected] > wrote: <image.png> MC is multi cast ISO is isolation, think client isolation on a wireless AP (though the ports excluded from ISO still get the traffic from isolated ports - it's really weird, seems pointless). Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Aug 31, 2016 at 9:57 AM, Chuck McCown < [email protected] > wrote: <blockquote> Like point to or hover the cursor over? I am not getting any of that. From: Josh Luthman Sent: Wednesday, August 31, 2016 7:53 AM To: [email protected] Subject: Re: [AFMUG] Netonix It's a switch. There's a long Youtube video for a bunch of things. It's pretty intuitive IMO. If you point to ISO/PS/DS it'll tell you what they are with alt text. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Aug 31, 2016 at 9:49 AM, Chuck McCown < [email protected] > wrote: <blockquote> Any good manual or online guide to explain all the options is these switches? I can presume a check box with MC may be a multicast filter but that is just a guess. Lots of options. ISO? PS? DS? I am not a router guy so some of these may be obvious those “skilled in the trade” but not to me. Details about the flow control options etc. I can go to their forum and search for questions like this but there really needs to be a manual or context sensitive help on the gui or something. I press F1 and get help for my browser. I see no help buttons. The CLI has the normal ? help things but super terse as usual. </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote>
