Enhancements in Release F.05.05 through F.05.70

Enhancements in Release F.05.05 through F.05.60

Operating Rules for Port Isolation

Port Isolation is intended only for networks that do not use VLAN tagging. (The switch must be in the default VLAN configuration before you configure port-isolation.)

Multiple VLANs are not allowed on the switch. If multiple VLANs exist on the switch, delete them and return the ports to the original default configuration as untagged members of VLAN 1. (VLAN configuration changes are not supported if port-isolation is running on the switch.)

Trunking is supported only on Uplink ports between switches. Remove any other port trunking from the switch.

LACP is allowed only on the Uplink ports. For security, LACP (active or passive) must be disabled on all other ports on the switch. To disable LACP active or passive on the switch’s ports, use this command syntax:

no int e < port-numbers> lacpGVRP must be disabled (the default).

IGMP operates only in non-data-driven mode, and works only on uplink ports. The switch floods multicast IP traffic arriving at non-uplink ports.

A Series 2500 switch with port-isolation enabled cannot export its port-isolation configura- tion. However, a Series 2500 configuration file on a server can include port-isolation commands.

The Isolated Port Groups feature operates within the context of the individual switch. It does not restrict free communication on the designated uplink port(s) to other devices on the network. A node connected to any non-local port (group1, group2, private, etc.) on one Series 2500 switch can communicate with a node connected to any non-local port (group1, group2, private, etc.) on another Series 2500 switch if the two switches are connected through their uplink ports.

Enabling port isolation and configuring individual ports to specific, non-default modes are separate steps. You must first enable port isolation. When you do so, all ports are configured in the (default) Uplink mode.

23