This restriction has existed for many years. So I suspect it is a hardware limitation.
Internally the 48 port switches are effectively two chips. Each chip is a 24 port switch with an interconnection between them.
I would say the issue is what while you could enable port security on the second chip like the first - it wont work between the chips. So people on the second chip wouldn't be able to talk with each other but could talk with anyone on the first switch.
Oh you had me worried there for a moment. I thought you were talking about the .1X access policies. But you're talking about port isolation. I'd try to avoid using the term "port security" for that to avoid confusion.
Thanks for the detailed response. Does this mean that the 48 port switches that do support isolation on all 48 ports use only one chip or is there something else they are doing to enable this? I know you’re not the authority on port isolation but figured I’d ask in case you knew. Thanks!
Thank you @cmr @and thank you @PhilipDAth for your responses. Cmr is correct, I’m asking if port isolation can be enabled for all 48 ports on the MS350s or above. However the dashboard is deceiving. The dashboard allows me to enable for all 48 ports for our MS225 even though it’s only supported on the first 24 ports. @PhilipDAth , any other thoughts on this? Thanks guys!
@LeoBac I've got some more MS355Xs on order, but they are only the 24 port ones... No plans to be at the site with the 48 port versions until the new year. @DarrenOC do you have any lying around?
If my answer solves your problem please click Accept as Solution so others can benefit from it.
