On the test I’ll take the Huawei Quidway S2326TP-EI and Huawei Quidway S3928P-EI switches, in which the uplink Gigabit Ethernet port 0/0/1 (the Internet comes to it), all other ports are in the same VLAN and you need to prevent them from seeing each other. To do this, execute the port-isolate enable command for each interface (port), except uplink GigabitEthernet 0/0/1.
We connect to the switch through the console or telnet and switch to the mode of elevated privileges:
We execute the command for interfaces:
interface Ethernet 0/0/1 port-isolate enable interface Ethernet 0/0/2 port-isolate enable interface Ethernet 0/0/3 port-isolate enable etc. interface Ethernet 0/0/24 port-isolate enable quit interface GigabitEthernet 0/0/2 port-isolate enable
For Huawei Quidway S3928P-EI there will be other commands:
interface Ethernet1/0/1 port isolate interface Ethernet1/0/2 port isolate ... interface GigabitEthernet 1/1/2 port isolate interface GigabitEthernet 1/1/3 port isolate interface GigabitEthernet 1/1/4 port isolate
Leave the interface setup mode:
Let’s leave the regime of elevated privileges:
Save the configuration:
Now the ports on which the port-isolate enable command is written do not see the other ports on which this command is also registered, they see only the ports where it is not registered, that is, in our case uplink port GigabitEthernet 0/0/1, and it, as on It does not have this command, it sees all the ports with the command and without.