cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
731
Views
2
Helpful
6
Replies

P2P Blocking - Possible to Whitelist IP address?

mac1234
Level 1
Level 1

We have a guest WLAN setup. We are using P2P Blocking on this WLAN and have it set to "Drop".  This blocks all connectivity between connected devices on the guest WLAN. Works great. Controller is a 3504.

Question is this:  Is it possible to Whitelist an IP (or multiple IP's or a range) so that connected clients can connect only to the whitelisted address?

 

Reason, is we have a device that we may put on the guest WLAN that provides a service. We would like all connected guests to be able to reach this one device, but still be blocked between other guests.

 

6 Replies 6

Hi

  This is not possible. P2P Blocking will block all lateral communication on that specific WLAN. In your scnario, this specific device must be in the cabling network or another WLAN.

Ok.  And ACL does not apply for lateral?  I noticed I can create an ACL and then set on the WLAN advanced tab to 'override the interface ACL'. I guess this just applies for traffic in and out of the interface used by the WLAN though and not P2P traffic, correct?

Correct. Cisco made something really interesting by creating P2P, however, it seems they missed the next step which is allow us to add condittional P2P blocking. I´ve been on this path on the past and I did not found a way arount it

Unfortunatelly this is it.

Well, that's a bummer. It seems like it would be a simple thing, but oh well.

JPavonM
VIP
VIP

Unfortunatle Cisco does not have such feature than other vendors have, where you can create groups of isolated devices.

Rich R
VIP
VIP
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card