VLAN-specific protected ports (GS1900-24HPv2)
Options
Hey all,
I have a GS1900-24HPv2 switch.
I have two wireless access points connected to port 1 & port 2 of my switch.
Both access points are hosting a main and a guest Wi-Fi network, which are on VLANs 1 and 2 respectively. (PVID is 1 for port 1 & 2, while VLAN 2 is tagged)
I want to set it up so that clients of the guest Wi-Fi can't talk to each other, but the clients of the main Wi-Fi can.
My switch has a "Protected Port" feature, which if I enable on two ports of my switch, it will block communication between those two ports.
My problem is that if I enable this feature on port 1 & 2, it will block communication not only between the clients of the guest network, but the main network as well (assuming the two clients are connected to different access points).
Is there a way to do what I want on this switch?
I have a GS1900-24HPv2 switch.
I have two wireless access points connected to port 1 & port 2 of my switch.
Both access points are hosting a main and a guest Wi-Fi network, which are on VLANs 1 and 2 respectively. (PVID is 1 for port 1 & 2, while VLAN 2 is tagged)
I want to set it up so that clients of the guest Wi-Fi can't talk to each other, but the clients of the main Wi-Fi can.
My switch has a "Protected Port" feature, which if I enable on two ports of my switch, it will block communication between those two ports.
My problem is that if I enable this feature on port 1 & 2, it will block communication not only between the clients of the guest network, but the main network as well (assuming the two clients are connected to different access points).
Is there a way to do what I want on this switch?
0
All Replies
-
Welcome to Zyxel community!! @nemSoma
There are another ways which is more fits in this case, if you use NSG/USG Flex as the gateway then can activate the guest Vlan in interface setting page.
If you don't have Nebula gateway then can configure in AP SSID settings (your guest VLAN ssid), please note that you need to put gateway MAC address, also the DHCP server MAC if you have another server for it.
Chris
0 -
@nemSoma
If your switch is standalone then "VLAN isolation" can fulfill this case but GS1900 does not support this feature please use GS1920 or GS2220 series instead.Chris
0
Zyxel Employee
Categories
- All Categories
- 385 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 75 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 908 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 200 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight
