Layer 2 LAN isolation + allow webex audio between clients... is possible?

marquitos666
Comes here often

Hi guys!! Is it possible to allow Webex audio calls between clients connected to the same SSID, with "Layer 2 LAN isolation" enabled?

 

Thanks for all!!

 

Marcos

ww
Kind of a big deal

Depends on the flow.

If the traffic goes from client to webex server to client, then yes.

If the flow is between the clients directly, then no.

 

"With Client Isolation enabled, clients will only be able to communicate with the default gateway and will not be able to communicate with any other devices on the same VLAN (or broadcast domain). In order for the wireless client to communicate with another device, the upstream gateway must be used to enable this communication (e.g. inter-VLAN routing and ACLs). Any traffic bound for an address on the same VLAN as a device in client isolation will be denied. Traffic bound for other VLANs will be forwarded and routed normally."

thomasthomsen
Head in the Cloud

I mean, in theory, you could do an ACL, something like this.

thomasthomsen_0-1721764515129.png

 

Blocking IP (L3) between clients, but permitting the L3 ports used by Webex to "any" aka, between clients, and to the rest of the network (and internet) on that SSID.

This does of course NOT block L2 traffic, but it should (will) block L3 traffic.

So if you have security concerns about pure L2 traffic, of course this will not solve your problem.

 

PS: The ports used above are taken from the Webex documentation.

I have no idea if these are the ports used for traffic (RTP) between clients. 🙂
