Title: How to check the wireless user isolation failure of Ruijie AP? [Print this page] Author: GTAC-Sophia Time: 2023-7-25 10:48 Title: How to check the wireless user isolation failure of Ruijie AP? You can check according to the steps below.
1. Check if the user is on the same network segment, User isolation can only prevent users of the same network segment from accessing each other. If you want to prevent users from accessing different network segments, you need to configure ACLs on the user's gateway device to prevent cross-segment access
Example: Prevent Guest users from accessing intranet users
Guest vlan: vlan 233 192.168.7.0/24
Intranet resource vlan: vlan 6, 192.168.6.0/24 Ruijie#con ter Ruijie(config)#ip access-list extended 107 Ruijie(config-ext-nacl)#10 deny ip 192.168.7.00.0.0.255 192.168.6.0 0.0.0.255 Ruijie(config-ext-nacl)#20 permit ip any any Ruijie(config-ext-nacl)#exit Ruijie(config)#interface BVI 233 Ruijie(config-if-BVI 10)#ip access-group 107 in Ruijie(config-if-BVI 10)#end Ruijie#wr
Check that the user isolation type is correct, there are two types of user isolation for Ruijie AP: AP-based user isolation and SSID-based user isolation.
AP-based isolation: Users within the same AP cannot access each other. Ruijie(config)#wids Ruijie(config-wids)#user-isolation ap enable Ruijie(config-wids)#exit
SSID-based isolation:Users in the same WLAN on theAP cannot access each other. Ruijie(config)#wids Ruijie(config-wids)#user-isolation ssid-apenable Ruijie(config-wids)#exit 3. Check whether the configuration of the AP is configured with isolation whitelist. Whitelisted users can access normally Ruijie(config)#wids Ruijie(config-wids)#user-isolation permit-mac 0811.9692.244c Ruijie(config-wids)#exit 4. User isolation unable to isolate multicast and broadcast data
Welcome to Ruijie Community (https://community.ruijienetworks.com/)