端口隔离 实验 讲解

同一项目组的员工都被划分到VLAN 10中，其中属于企业内部的员工允许相互通信，属于企业外部的员工不允许相互通信，外部员工与内部员工之间允许通信

[SW1]int g0/0/1
[SW1-GigabitEthernet0/0/1]di th
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 10port-isolate enable group 1
#
return
[SW1-GigabitEthernet0/0/1]int g0/0/2
[SW1-GigabitEthernet0/0/2]di th
#
interface GigabitEthernet0/0/2port link-type accessport default vlan 10port-isolate enable group 1
#
return
[SW1-GigabitEthernet0/0/2]int g0/0/3
[SW1-GigabitEthernet0/0/3]di th
#
interface GigabitEthernet0/0/3port link-type accessport default vlan 10port-isolate enable group 1
#
return

[SW2-GigabitEthernet0/0/1]di th
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 10
#
return
[SW2-GigabitEthernet0/0/2]di th
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 10
#
return
[SW2-GigabitEthernet0/0/3]di th
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 10
#
return

 完成