Figure 38 port based vlan setup (port isolation), Table 17 port based vlan setup – ZyXEL Communications ES-2108 User Manual

Page 81

background image

ES-2108 Series User’s Guide

Chapter 8 VLAN

81

Figure 38 Port Based VLAN Setup (Port Isolation)

The following table describes the labels in this screen.

Table 17 Port Based VLAN Setup

LABEL

DESCRIPTION

Setting Wizard

Choose All connected or Port isolation.
All connected means all ports can communicate with each other, that is, there are no

virtual LANs. All incoming and outgoing ports are selected. This option is the most

flexible but also the least secure.
Port isolation means that each port can only communicate with the CPU

management port and cannot communicate with each other. All incoming ports are

selected while only the CPU outgoing port is selected. This option is the most limiting

but also the most secure.
After you make your selection, click Apply (top right of screen) to display the screens

as mentioned above. You can still customize these settings by adding/deleting

incoming or outgoing ports, but you must also click Apply at the bottom of the screen.

Incoming

These are the ingress ports; an ingress port is an incoming port, that is, a port through

which a data packet enters. If you wish to allow two subscriber ports to talk to each

other, you must define the ingress port for both ports. The numbers in the top row

denote the incoming port for the corresponding port listed on the left (its outgoing

port). CPU refers to the switch management port. By default it forms a VLAN with all

Ethernet ports. If it does not form a VLAN with a particular port then the switch cannot

be managed from that port.

Outgoing

These are the egress ports; an egress port is an outgoing port, that is, a port through

which a data packet leaves. If you wish to allow two subscriber ports to talk to each

other, you must define the egress port for both ports. CPU refers to the switch

management port. By default it forms a VLAN with all Ethernet ports. If it does not

form a VLAN with a particular port then the switch cannot be managed from that port.