- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Blocking client to client communication
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2010 03:12 AM
тАО01-21-2010 03:12 AM
Lately we have seen a lot of client to client communiation - Mostly multiplayer games being played at classroom workstations.
Anyone with an soluation that blocks client to client communiation both at classroom switches and at the edge/core level?
Regards
Michael
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2010 09:47 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2010 12:01 AM
тАО01-22-2010 12:01 AM
Re: Blocking client to client communication
You can create a policy that configures the firewall on the workstations, not to allow these protocols.
And set permissions so the user cannot change the firewall config offc ourse.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2010 12:12 AM
тАО01-22-2010 12:12 AM
Re: Blocking client to client communication
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-26-2010 08:52 PM
тАО01-26-2010 08:52 PM
Re: Blocking client to client communication
An example that I use in Hospitality settings is as follows for a 48 + port switch with the 49 and up ports as uplinks.
filter source-port 1 drop 2-48
filter source-port 2 drop 1,3-48
filter source-port 3 drop 1-2,4-48
filter source-port 4 drop 1-3,5-48
filter source-port 5 drop 1-4,6-48
filter source-port 6 drop 1-5,7-48
filter source-port 7 drop 1-6,8-48
filter source-port 8 drop 1-7,9-48
filter source-port 9 drop 1-8,10-48
filter source-port 10 drop 1-9,11-48
filter source-port 11 drop 1-10,12-48
filter source-port 12 drop 1-11,13-48
filter source-port 13 drop 1-12,14-48
filter source-port 14 drop 1-13,15-48
filter source-port 15 drop 1-14,16-48
filter source-port 16 drop 1-15,17-48
filter source-port 17 drop 1-16,18-48
filter source-port 18 drop 1-17,19-48
filter source-port 19 drop 1-18,20-48
filter source-port 20 drop 1-19,21-48
filter source-port 21 drop 1-20,22-48
filter source-port 22 drop 1-21,23-48
filter source-port 23 drop 1-22,24-48
filter source-port 24 drop 1-23,25-48
filter source-port 25 drop 1-24,26-48
filter source-port 26 drop 1-25,27-48
filter source-port 27 drop 1-26,28-48
filter source-port 28 drop 1-27,29-48
filter source-port 29 drop 1-28,30-48
filter source-port 30 drop 1-29,31-48
filter source-port 31 drop 1-30,32-48
filter source-port 32 drop 1-31,33-48
filter source-port 33 drop 1-32,34-48
filter source-port 34 drop 1-33,35-48
filter source-port 35 drop 1-34,36-48
filter source-port 36 drop 1-35,37-48
filter source-port 37 drop 1-36,38-48
filter source-port 38 drop 1-37,39-48
filter source-port 39 drop 1-38,40-48
filter source-port 40 drop 1-39,41-48
filter source-port 41 drop 1-40,42-48
filter source-port 42 drop 1-41,43-48
filter source-port 43 drop 1-42,44-48
filter source-port 44 drop 1-43,45-48
filter source-port 45 drop 1-44,46-48
filter source-port 46 drop 1-45,47-48
filter source-port 47 drop 1-46,48
filter source-port 48 drop 1-47
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-27-2010 12:17 AM
тАО01-27-2010 12:17 AM
Re: Blocking client to client communication
Yes workstations are domain members so a local firewall could be a quick fix. Thanks.
@Abdullah:
I'm familiar with basic ACL's. The IP scheme is workstations on 10.101.0.0/24 VLAN 308 and servers on 10.1.1/16 VLAN 300.
@Robert:
I did look into filter source ports and it is an efficient way to block local switch port to port communication. I was hoping for a more simple way to configure this - Configurations tend to get relatively complex with this.