Client isolation on Standalone AP

Summary

Enable client isolation on Standalone AP

Question

Is there a way to enable Client Isolation on standalone AP?

Customer Environment

Standalone AP

Resolution

We do have some form of client isolation on standalone APs.
However, there has never been full client isolation on Standalone APs. 
Standalone APs do not have layer 3/layer4 isolation filters.
 
 
rkscli : set ap-bridge <wlan name> [enable|disable] 
rkscli : get ap-bridge <wlan name> 

set ap-bridge : set ap-bridge <wlan name> {enable|disable} 

-- Modify AP WLAN's wireless bridge mode 

Example : 

rkscli : get ap-bridge wlan0 
wlan0 AP-Bridge Mode: Disabled 
OK 
rkscli : set ap-bridge wlan0 enable 
OK 

 
The ‘set ap-bridge disable’ disables the inter BSS relay that permits clients associated to the same WLAN to intercommunicate directly via Layer 2 (MAC forwarding).  
Disabling this feature will not block users from 
directly communicating if associated to other WLANs on the same AP or across APs.

The full isolation feature is only available with ZoneDirector that manages layer 3 filter, implemented on each AP, that uses a destination Layer3/layer4 filter to block traffic on the locally defined subnets. However, it will not block L2 port snooping, ARP resolution, or other L2 communications across Access Points.

Article Number:
000001388

Updated:
August 12, 2020 04:06 AM (over 3 years ago)

Tags:
Configuration, Security, ZoneFlex Indoor, ZoneFlex Outdoor

Votes:
3

This article is:
helpful
not helpful

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.