At 28:38, was the guest clients isolation enforced because you had the "Client Device Isolation" box checked under vlan90? What if you uncheck that box, will clients be able to talk to each other? Please share. Thank you so much again for making these meaning full in-depth videos!
Good catch! I should have disabled it... Now I have torn down the lab environment, so cannot retest quickly. I will make sure to cover it in my coming "complete wifi client isolation" video.
@@hz777 I just noticed another thing..."Client Device Isolation" is under the "WiFi" category, per Unifi's definition, it only isolates clients under the SAME AP. But in real life, clients would roam among different APs...In order to isolate clients in the same VLAN, should we utilize ACL? I think you might have mentioned it in one of your previous video...Could you please recap this topic in your upcoming "complet wifi client isolation" video, even though this should not be limited to just WiFi...thanks again.
Dude, thanks for the video. So much information and comparison between guest network and wifi, I can't seem to find the answer to my question from the whole video, but maybe it's the translation difficulties. Is it possible to configure a specific client to access another specific client that is on an isolated network?
@@hz777 Are you sure? I have come to the conclusion that this is not possible. You can set up a firewall - that's understandable, but none of this applies when the "Isolated" checkbox is checked, or am I wrong?
@@htxfwv60h74o0i I did not say it clearly: if you choose the user interface's functions to isolate vlans, depending on how it's implanted (firewall rule or ACL rule), and where the rules are placed internally (the order between the "isolation rules" and your custom rules to enable specific accesses), you may encounter the situation you described. However, if you isolate the vlans by yourself, you have the controls on using firewall rules or acl rules, and you have controls on the order of the rules, so you can achieve what you want. Check my firewall rule vs. acl rule video.
At 28:38, was the guest clients isolation enforced because you had the "Client Device Isolation" box checked under vlan90? What if you uncheck that box, will clients be able to talk to each other? Please share. Thank you so much again for making these meaning full in-depth videos!
Good catch! I should have disabled it... Now I have torn down the lab environment, so cannot retest quickly. I will make sure to cover it in my coming "complete wifi client isolation" video.
@@hz777 I just noticed another thing..."Client Device Isolation" is under the "WiFi" category, per Unifi's definition, it only isolates clients under the SAME AP. But in real life, clients would roam among different APs...In order to isolate clients in the same VLAN, should we utilize ACL? I think you might have mentioned it in one of your previous video...Could you please recap this topic in your upcoming "complet wifi client isolation" video, even though this should not be limited to just WiFi...thanks again.
@TangDynasty1983 yes, in one of my previous videos. Yes will mention again in coming one
Dude, thanks for the video. So much information and comparison between guest network and wifi, I can't seem to find the answer to my question from the whole video, but maybe it's the translation difficulties.
Is it possible to configure a specific client to access another specific client that is on an isolated network?
Yes, it's possible. In one of my recent videos: firewall rule vs IP ACL rule, I touched the topic.
@@hz777 Are you sure? I have come to the conclusion that this is not possible. You can set up a firewall - that's understandable, but none of this applies when the "Isolated" checkbox is checked, or am I wrong?
@@htxfwv60h74o0i I did not say it clearly: if you choose the user interface's functions to isolate vlans, depending on how it's implanted (firewall rule or ACL rule), and where the rules are placed internally (the order between the "isolation rules" and your custom rules to enable specific accesses), you may encounter the situation you described.
However, if you isolate the vlans by yourself, you have the controls on using firewall rules or acl rules, and you have controls on the order of the rules, so you can achieve what you want. Check my firewall rule vs. acl rule video.
@@hz777 That's exactly what I meant, the "Isolated" checkbox can't be adjusted by any rules anymore (as I realized in the end.)