Hi,
hope all is great.
Recently I bought a CSS326-24G-2S+RM, upgraded to SwOS 2.13.
There is a strange behavior when I want to configure VLANs. If I change Port Isolation on Any port even the ones without VLANs or change the members of VLANs (again the ports shouldn’t have VLAN). VLANs don’t work at all ! Seems the only possible way to use VLANs is not to set any limitations!
Is there something wrong with CSS326/SwOS 2.13 or there is a config somewhere that needs to be change ?
If you are using VLANs, you likely have little need for the port isolation feature. I have two CSS326 switches running SwOS 2.13 that are mostly VLANs and pretty sure I have enabled some port isolation for a test I was doing a while back. I can do a test on it this evening - don’t want to do something that might break the switch when I am 26 miles away!
What exactly breaks (so I know what to test)?
Yeah I agree that is not necessarily needed but it would be like an extra pseudo security to isolate ports and members of VLANs, gives you more control on network.
In my use case I’m using something like this:
Port 1 → Just for managing switch and this port is isolated from all other ports.
Port 2 → Trunk port with 2 VLANs (100 & 200) both VLANs have DHCP servers.
Port 3 → Untagged with Default VLAN 100, connected to a computer for using VLAN100 Network.
Port 4 → Untagged with Default VLAN 200, connected to NVR for using VLAN200 Network.
Isolations :
Port 1 → Fully isolated
Port 2 → Access to Port 3 & Port 4
Port 3 → Access to Port 2
Port 4 → Access to Port 2
as I said before when there is no port isolation and all ports can access to all VLANs it works perfectly (DHCP work and can ping devices), but with limitations it breaks and VLANs don’t work at all (DHCP doesn’t work, even with static IP can’t ping devices).