Example: Configuring port isolation (for single-isolation group devices)
Network configuration
As shown in Figure 21:
LAN users Host A, Host B, and Host C are connected to , , and on the device, respectively.
The device connects to the Internet through .
Configure the device to provide Internet access for all the hosts, and isolate them from one another.
Figure 21: Network diagram
Procedure
![[IMPORTANT: ]](images/important.png) | IMPORTANT: By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface. | |
# Assign , , and to the isolation group.
<Device> system-view [Device] interface [Device-] port-isolate enable [Device-] quit [Device] interface [Device-] port-isolate enable [Device-] quit [Device] interface [Device-] port-isolate enable [Device-] quit
Verifying the configuration
# Display information about the isolation group.
[Device] display port-isolate group
Port isolation group information:
Group ID: 1
Group members:
The output shows that , , and are assigned to the isolation group. As a result, Host A, Host B, and Host C are isolated from one another at Layer 2.