Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
0
Helpful
2
Replies

Private VLANs on a regular Trunk port?

wezza2
Level 1
Level 1

‎08-05-2023 08:06 PM

I’m interested in implementing Private VLANs for the purpose of isolating guest Wi-Fi users from one another. We use Ubiquiti APs that gave guest isolation enabled but only for users connected to the same access point. In theory an Isolated Private VLAN should prevent them from communicating with anybody on the Guest Wi-Fi network via other APs on different ports, BUT the APs also host other SSIDs and need traffic from regular VLANs. Am I allowed to configure the AP ports as Trunks or do physical switch ports need to be dedicated to PVLAN usage via port types?

https://19216811.cam/ https://1921681001.id/
Labels:
0 Helpful
2 Replies 2

Kasun Bandara
VIP
VIP

‎08-05-2023 09:01 PM

@wezza2 hi, my personal idea is you can use normal guest vlan here. no need to use private VLANs. you can sperate Guest VLAN and other VLANS at layer 3 level and using L3 filtering with ACL/Firewall/etc.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

KJK99
Level 3
Level 3

‎08-06-2023 04:51 PM

@wezza2 

I guess you are thinking about connecting an AP to a private vlan isolated port. It will not work. Isolated ports are access ports. They cannot be defined as trunks. Also, a private vlan is a single subnet network.

Kris K
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card