Skip to main content

16 Messages

 • 

320 Points

Tue, Feb 6, 2018 9:11 AM

Zoneflex H510 - wired clients isolation within AP.

I would like to know if there is a way to isolate all guest devices connected through cable to H510 ethernet ports (LAN1 - LAN4) in the same way as it can be configured for WLAN (by Wireless Client Isolation / Isolation Whitelist) ?
I want to ensure that all wired devices connected to ap A are unable to communicate with wired devices connected to ap B, when all ethernet ports on ap A and ap B are in the same VLAN.
Is it even possible?

Responses

60 Messages

 • 

1.3K Points

3 years ago

Hi Dawid,

I'm not sure on Ruckus WAPs itself, but a standard security practice in hospitality is to isolate L2 on your switches. That means that you do not allow your switch ports that have WAPs to talk to each other, only allowing it to talk to uplinks or Gateway.

This concept of port isolation is also known as Private VLAN. Most major switch manufacturers (HP/Aruba, Cisco, Brocade I know do for sure) support this functionality on managed switches. 


Best,
Alex

16 Messages

 • 

320 Points

3 years ago

Hello Alex,

Thank you for response. I know the standard security practice to isolate L2 using Private VLAN and also port protection as in Brocade or other 'big' vendors. But in our deploymnet we have 3rd vendor small access switches, where the APs are connected to. These switches doesn't support PVLAN or port protection. This is why I'm asking for isolation on ZF H510.