TP-Link T1700X-16TS T1700X-16TSUN V1 CLI Reference Guide - Page 169

Chapter 23 Port Isolation Commands Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward packets to the ports that are not on its forwarding port list. 23.1 port isolation Description The port isolation command is used to configure the forward port/LAG list of a port/LAG, so that this port/LAG can only communicate with the ports/LAGs on its list. To delete the corresponding configuration, please use no port isolation command. Syntax port isolation { [ te-forward-list te-forward-list ] [ po-forward-list po-forward-list ] } no port isolation Parameter te-forward-list -- The list of Ethernet ports. po-forward-list -- The list of LAGs. Command Mode Interface Configuration Mode (interface ten-gigabitEthernet / interface range ten-gigabitEthernet / interface port-channel / interface range port-channel) Example Set port 1, 2, 4 and LAG 2 to the forward list of port 1/0/5: T1700X-16TS(config)# interface ten-gigabitEthernet 1/0/5 T1700X-16TS(config-if)# port isolation te-forward-list 1/0/1-2,1/0/4 po-forward-list 2 Set all Ethernet ports and LAGs to forward list of port 1/0/2, namely restore to the default setting: T1700X-16TS(config)# interface ten-gigabitEthernet 1/0/2 T1700X-16TS(config-if)# no port isolation 155