Got it
Huawei Enterprise Support Community
Community Forums Access Network
Can disable client isolat...

Can disable client isolation based on the ip address?

Created: Jun 10, 2019 09:02:01Latest reply: Jun 11, 2019 02:48:32 844 10 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hi, we have one enviorment which need to diable client isolation for some ip addess on OLT. These devices are connected to the upstream core switches , but they are in the same vlan as the client PCs. PLease advise ,thanks in advance.

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Migrate gigabit uplink to 10g
Next: Introduction to SmartAX MA5600T Series OLTs
Featured Answers

Recommended answer

(0) (0)
Gavin.Liu
Created Jun 10, 2019 12:59:50

Hi there!

You can try testing the ACL rules.
View more
  • x
  • convention:
All Answers
(1) (0)
2#
Gavin.Liu
Gavin.Liu Created Jun 10, 2019 09:55:22

Hi ,it seems you want to configure the 2 ONT communication each other in same VLAN ;
you can reference below :

Configuring VLAN-based Layer 2 User Bridging.
// create VLAN profile :
huawei(config)#vlan service-profile profile-id 3
huawei(config-vlan-srvprof-3)#user-bridging enable
huawei(config-vlan-srvprof-3)#commit
huawei(config-vlan-srvprof-3)#quit

//bind the VLAN profile to the VLAN (example vlan 300 is your service vlan):

huawei(config)#vlan bind service-profile 300 profile-id 3
View more
  • x
  • convention:
(0) (0)
3#
Peter2019
Peter2019 Created Jun 10, 2019 11:18:50

Thanks for your reply. But what I meant is one client A connected to the ONT, and another device B is connected to the upstream core switch , this two devices are in the some vlan, Can we whitelist the device B to let the client A communicate with device B? Device A is connected to ONT, but Device B is connected to the core switch. Please advise, thanks.
View more
  • x
  • convention:
(0) (0)
4#
Peter2019
Peter2019 Created Jun 10, 2019 11:20:51

we don't want to enable user-bridging (disable client isolation) for the whole VLAN, just need to whitelist some server IP addresses which are connected to the core switch. Please advise, thanks in advance.
View more
  • x
  • convention:
(0) (0)
5#
wwww20011
wwww20011 Created Jun 10, 2019 11:52:44

I think it can be implemented, but not configured on the ONT. Instead, it is configured on the core switch.
View more
  • x
  • convention:
(0) (0)
6#
Gavin.Liu
Gavin.Liu Created Jun 10, 2019 12:59:50

Hi there!

You can try testing the ACL rules.
View more
  • x
  • convention:
(0) (0)
7#
Peter2019
Peter2019 Created Jun 11, 2019 01:19:49

thanks for your reply. Can you please advise how to configure ACL on core switch? Need to disable client isolation first, then apply ACL on core switches?
View more
  • x
  • convention:

wwww20011
wwww20011 Created Jun 11, 2019 02:41:09 (0) (0)
You can configure it on the core switch without disabling client isolation.  
(0) (0)
8#
Peter2019
Peter2019 Created Jun 11, 2019 01:22:47

Another question is when Device A is connected to ONT, and device B connected to core switch, then default can ping from device A to device B or both directions can ping each other?
We tested it cannot ping device A (ONT) from device B (core switch) when they are in same vlan and same subnet.
View more
  • x
  • convention:
(0) (0)
9#
Peter2019
Peter2019 Created Jun 11, 2019 01:25:23

Sorry, we need to enable client isolation for whole VLAN ,but also need to whitelist some IP addresses. Some devices are connected to the core switch, and the client machines should be able to access them when they in same VLAN.
The post above maybe make you confused. sorry about that.
View more
  • x
  • convention:
(0) (0)
10#
liqiang185
liqiang185 Admin Created Jun 11, 2019 02:48:32

Hello Peter2019
please open another post,
This way more people will see and solve problems for you faster.
thanks
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.