Zoneflex H510 - wired clients isolation within AP.

  • 1
  • Question
  • Updated 10 months ago
I would like to know if there is a way to isolate all guest devices connected through cable to H510 ethernet ports (LAN1 - LAN4) in the same way as it can be configured for WLAN (by Wireless Client Isolation / Isolation Whitelist) ?
I want to ensure that all wired devices connected to ap A are unable to communicate with wired devices connected to ap B, when all ethernet ports on ap A and ap B are in the same VLAN.
Is it even possible?
Photo of Dawid Krawczak

Dawid Krawczak

  • 11 Posts
  • 0 Reply Likes

Posted 10 months ago

  • 1
Photo of Alex Shalima

Alex Shalima

  • 45 Posts
  • 18 Reply Likes
Hi Dawid,

I'm not sure on Ruckus WAPs itself, but a standard security practice in hospitality is to isolate L2 on your switches. That means that you do not allow your switch ports that have WAPs to talk to each other, only allowing it to talk to uplinks or Gateway.

This concept of port isolation is also known as Private VLAN. Most major switch manufacturers (HP/Aruba, Cisco, Brocade I know do for sure) support this functionality on managed switches. 


Best,
Alex
Photo of Dawid Krawczak

Dawid Krawczak

  • 11 Posts
  • 0 Reply Likes
Hello Alex,

Thank you for response. I know the standard security practice to isolate L2 using Private VLAN and also port protection as in Brocade or other 'big' vendors. But in our deploymnet we have 3rd vendor small access switches, where the APs are connected to. These switches doesn't support PVLAN or port protection. This is why I'm asking for isolation on ZF H510.