Dave, Thank you for the response. What I am trying to do is partition two ports (1,25) of the router so that the devices on those two ports can communicate with each other and not the rest of the ports. I need all the ports to have access to port 51 so that they can reach the internet. All devices on all ports are in the same IP range. I have attached a map and the cfg file. These settings work well for me except for this one particular laptop.

Config file:

vlan database

vlan 2

exit

interface range  gi1,gi25

switchport default-vlan tagged

exit

mac address-table static 00:00:aa:ba:49:aa vlan 2 interface gigabitethernet1

voice vlan state disabled

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

interface gigabitethernet1

lldp med disable

exit

interface gigabitethernet2

lldp med disable

exit

interface gigabitethernet3

lldp med disable

exit

interface gigabitethernet4

lldp med disable

exit

interface gigabitethernet5

lldp med disable

exit

interface gigabitethernet6

lldp med disable

exit

interface gigabitethernet7

lldp med disable

exit

interface gigabitethernet8

lldp med disable

exit

interface gigabitethernet9

lldp med disable

exit

interface gigabitethernet10

lldp med disable

exit

interface gigabitethernet11

lldp med disable

exit

interface gigabitethernet12

lldp med disable

exit

interface gigabitethernet13

lldp med disable

exit

interface gigabitethernet14

lldp med disable

exit

interface gigabitethernet15

lldp med disable

exit

interface gigabitethernet16

lldp med disable

exit

interface gigabitethernet17

lldp med disable

exit

interface gigabitethernet18

lldp med disable

exit

interface gigabitethernet19

lldp med disable

exit

interface gigabitethernet20

lldp med disable

exit

interface gigabitethernet21

lldp med disable

exit

interface gigabitethernet22

lldp med disable

exit

interface gigabitethernet23

lldp med disable

exit

interface gigabitethernet24

lldp med disable

exit

interface gigabitethernet25

lldp med disable

exit

interface gigabitethernet26

lldp med disable

exit

interface gigabitethernet27

lldp med disable

exit

interface gigabitethernet28

lldp med disable

exit

interface gigabitethernet29

lldp med disable

exit

interface gigabitethernet30

lldp med disable

exit

interface gigabitethernet31

lldp med disable

exit

interface gigabitethernet32

lldp med disable

exit

interface gigabitethernet33

lldp med disable

exit

interface gigabitethernet34

lldp med disable

exit

interface gigabitethernet35

lldp med disable

exit

interface gigabitethernet36

lldp med disable

exit

interface gigabitethernet37

lldp med disable

exit

interface gigabitethernet38

lldp med disable

exit

interface gigabitethernet39

lldp med disable

exit

interface gigabitethernet40

lldp med disable

exit

interface gigabitethernet41

lldp med disable

exit

interface gigabitethernet42

lldp med disable

exit

interface gigabitethernet43

lldp med disable

exit

interface gigabitethernet44

lldp med disable

exit

interface gigabitethernet45

lldp med disable

exit

interface gigabitethernet46

lldp med disable

exit

interface gigabitethernet47

lldp med disable

exit

interface gigabitethernet48

lldp med disable

exit

interface gigabitethernet49

lldp med disable

exit

interface gigabitethernet50

lldp med disable

exit

interface gigabitethernet51

lldp med disable

exit

interface gigabitethernet52

lldp med disable

exit

interface vlan 1

ip address 192.168.20.43 255.255.255.0

exit

ip default-gateway 192.168.20.1

interface vlan 1

no ip address dhcp

exit

hostname Cisco-SG300-52

no passwords complexity not-current

passwords aging 0

username admin password encrypted 44a61231328af9b88a73993ec7525718f49af951 privilege 15

username administrator password encrypted 44a61231328af9b88a73993ec7525718f49af951 privilege 15

username cisco password encrypted 44a61231328af9b88a73993ec7525718f49af951 privilege 15

no snmp-server server

snmp-server location Hauppauge

snmp-server contact "IT Manager"

clock timezone " " -5

clock summer-time web recurring usa

clock source sntp

ip name-server  167.206.7.4 167.206.112.138 192.168.20.34

banner login 

Cisco SG300 52 port switch

interface gigabitethernet1

switchport mode general

switchport general allowed vlan add 2 untagged

switchport general pvid 2

exit

interface gigabitethernet25

switchport mode general

switchport general allowed vlan add 2 untagged

switchport general pvid 2

exit

interface gigabitethernet51

switchport mode general

switchport general allowed vlan add 2 untagged

exit

interface vlan 2

name MDI

exit

Dave,

     I am out of the office for the next two weeks so I will not be able to try this. I will do so as soon as I get back. Thanks again.

Regards, Tom

Tom.

Please alter those ports;

• 1 ,  25 and 51 and  by removing VLAN 2 as a untagged interface  and
• change the port back to the default which is  trunk mode
• Also untag vlan 1 on switch ports 1 and 25..

Could be easier just  to reset the switch to factory defaults  and just impliment the filters or access-lists I pasted in my earlier reply.

regards Dave

Dave,

     Thanks, the Access list did the trick.

- Tom