Appendix E. VLAN Isolation
179
Appendix E. VLAN Isolation
VLAN mode
In the VLAN mode, the system can serve both tagged and untagged packets at the same time and LAN
interface will also be associated with an IP address. Currently, there are 32 VLANs available on each LAN
interface. Therefore, there will be total thirty-three “subnets” connected to each LAN port.
User/VLAN Isolation
As shown in the above example diagram, the traffic between VLAN1and VLAN2 will travel through the
DSA-6100. When the specific VLAN isolation rule (which is applicable to VALN1 and VLAN2) is activated in
DSA-6100, the traffic will be blocked by DSA-6100 and therefore the users on two VLANs are “isolated” from
each other. For more information about the VLAN isolation, here are the details:
1)
The VLAN isolation rules are configured in “Global Policy” and therefore apply globally to the entire system.
In other words, the rules apply to all users, including authenticated users, users on a non-authenticated
port, privileged users, VPN users, DMZ clients, and virtual servers.