Chapter 22 Port Isolation Commands
Port Isolation improves network security by restricting traffic flow: a port is forbidden
from forwarding packets to any port that is not on its forward port list.
port isolation
Description
The port isolation command is used to configure the forward port list of a port,
so that this port can only communicate with the ports on its forward port list. To
delete the corresponding configuration, use the no port isolation command.
Syntax
port isolation gi-forward-list gi-forward-list
no port isolation
Parameter
gi-forward-list —— The list of Ethernet ports.
Command Mode
Interface Configuration Mode (interface gigabitEthernet / interface range
gigabitEthernet)
Example
Add ports 1, 2, and 4 to the forward port list of port 5:
TL-SG3424(config)# interface gigabitEthernet 1/0/5
TL-SG3424(config-if)# port isolation gi-forward-list 1/0/1-2,1/0/4
Add all Ethernet ports to the forward port list of port 2, that is, restore the
default setting:
TL-SG3424(config)# interface gigabitEthernet 1/0/2
TL-SG3424(config-if)# no port isolation
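Following the description above, each port has its own forward port list, and the default list contains all ports. The Python below is an added example, not part of the original guide: it expands the gi-forward-list syntax and reports port pairs where forwarding is permitted in one direction only, which is what the first example leaves behind on the ports that were not configured. The 8-port inventory and the function names are assumptions, and only single interface gigabitEthernet stanzas are handled, not interface range.

```python
import re

# Assumption: an 8-port inventory, kept short for illustration.
ALL_PORTS = [f"1/0/{n}" for n in range(1, 9)]

def parse_forward_list(spec):
    """Expand a gi-forward-list such as '1/0/1-2,1/0/4' into a set of ports."""
    ports = set()
    for item in spec.split(","):
        m = re.fullmatch(r"(\d+/\d+/)(\d+)(?:-(\d+))?", item.strip())
        if not m:
            raise ValueError(f"bad forward-list item: {item!r}")
        lo, hi = int(m.group(2)), int(m.group(3) or m.group(2))
        if hi < lo:
            raise ValueError(f"descending range: {item!r}")
        ports.update(f"{m.group(1)}{n}" for n in range(lo, hi + 1))
    return ports

def forwarding_map(cli_text, all_ports=ALL_PORTS):
    """Map each port to the set of ports it may forward to."""
    fwd = {p: set(all_ports) for p in all_ports}  # default: all ports listed
    current = None
    for raw in cli_text.splitlines():
        line = raw.split("#", 1)[-1].strip()  # drop a 'TL-SG3424(config)#' prompt
        m = re.fullmatch(r"interface gigabitEthernet (\S+)", line)
        if m:
            current = m.group(1)
        elif current and line.startswith("port isolation gi-forward-list "):
            fwd[current] = parse_forward_list(line.split(None, 3)[3])
        elif current and line == "no port isolation":
            fwd[current] = set(all_ports)
    return fwd

def one_way_pairs(fwd):
    """Pairs (a, b) where a may forward to b but b may not forward to a."""
    return sorted((a, b) for a in fwd for b in fwd[a]
                  if a != b and b in fwd and a not in fwd[b])

# The first example from this page, as typed at the switch prompt.
PAGE_EXAMPLE = """\
TL-SG3424(config)# interface gigabitEthernet 1/0/5
TL-SG3424(config-if)# port isolation gi-forward-list 1/0/1-2,1/0/4
"""

if __name__ == "__main__":
    for a, b in one_way_pairs(forwarding_map(PAGE_EXAMPLE)):
        print(f"{a} can still forward to {b}, but not the reverse")
```

To close the pairs it reports, configure a matching forward port list on each of the listed source ports as well.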
show port isolation interface
Description
The show port isolation interface command is used to display the forward port
list of a port.