Is there a hardware limitation for this feature to be enabled on port 25-48 on the MS250 ?
I don't want to physically re-patch devices to be able to use this functionality 😞
This doc says it is limited to first 24 ports
This restriction has existed for many years. So I suspect it is a hardware limitation.
Internally the 48 port switches are effectively two chips. Each chip is a 24 port switch with an interconnection between them.
I would say the issue is what while you could enable port security on the second chip like the first - it wont work between the chips. So people on the second chip wouldn't be able to talk with each other but could talk with anyone on the first switch.
Oh you had me worried there for a moment. I thought you were talking about the .1X access policies. But you're talking about port isolation. I'd try to avoid using the term "port security" for that to avoid confusion.
Thanks for the detailed response. Does this mean that the 48 port switches that do support isolation on all 48 ports use only one chip or is there something else they are doing to enable this? I know you’re not the authority on port isolation but figured I’d ask in case you knew. Thanks!
Thank you @cmr @and thank you @PhilipDAth for your responses. Cmr is correct, I’m asking if port isolation can be enabled for all 48 ports on the MS350s or above. However the dashboard is deceiving. The dashboard allows me to enable for all 48 ports for our MS225 even though it’s only supported on the first 24 ports. @PhilipDAth , any other thoughts on this? Thanks guys!