We're running vSZ-H 3.4.1.0.208 with 116 APs connected in one Zone. When we try to setup Client WLANs with ClientIsolation turned on, there is no way of providing a "Whitelist" for MACs/IPs which should be excluded from that isolation (Basically Devices connected into the same VLAN per cable). When assigning an L2-Access Control Service rule to that WLAN with the MACs of Gateway/DHCP and MACs of Devices which should be reachable as allowed, it's not even possible to grab an IP from DHCP for the clients. Neither works the connection anyhow (Can't connect to the WLAN).
So what is the "Real" way to do a setup like this? Is there maybe a way to disable isolation but use User Traffic Profiles to block traffic in same VLAN but allow traffic from UE to designated IPs (Server IPs, Gateway, DHCP) in the same VLAN? Didn't try - just a guess.
Scenario is:
- WLAN with Client Isolation enabled
- Access-VLAN: One VLAN, no Pooling
- Server connected through cable in same VLAN as Access-VLAN - Can't be reached from UE (ping etc)!
What we need to achieve:
- WLAN with Client Isolation enabled
- Access-VLAN: One VLAN, no Pooling
- Server connected through cable in same VLAN as Access-VLAN - Server/s reachable from UE!
Any Ideas?