04-23-2018 06:11 AM - edited 07-05-2021 08:33 AM
How can i deny a traffic by 2 AccessPoints by 2 Clients?
So they will make a direct connection by my infrastructure LAN by 2 AccessPoints.
Is there a command where i can block and only allow the traffic to the internet on a Cisco 1532 AccessPoint?
Maybe the same as Wifi Direct but with 2 Accesspoints.
thanks
04-23-2018 01:19 PM
Are these AP are managed by single WLC ? if so you can set "P2P blocking action" to "Drop" under SSID advanced configuration.
HTH
Rasika
*** Pls rate all useful responses ***
05-02-2018 01:50 AM
They are standalone AP so no WLC.
If someone logged in at one AP and an other user on the other Ap they can make a direct connection by my infrastructure. So how can i deny this?
best regards
05-02-2018 01:44 PM
If you want to block clients connection within same AP, you can implement P2P blocking on radio level (it is known as Public Secure Packet Forwarding - PSPF in autonomous deployment)
Under specific radio interface (or sub-interface depend on you have multiple SSID), you can issue below command (use appropriate bridge group number as per your config).
bridge-group x port-protected
Above does not block if clients connecting to two different APs. If both APs connect to same switch, you can implement below.
https://learningnetwork.cisco.com/thread/31691
interface x/x
switchport protected
Give it a try and let us know how it goes
HTH
Rasika
*** Pls rate all useful responses ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide