17.1 Overview
Layer-2 isolation is used to prevent connected devices from communicating with each other in the
USG's local network(s), except for the devices in the white list, when layer-2 isolation is enabled on
the USG and the local interface(s).
Note: The security policy control must be enabled before you can use layer-2 isolation.
In the following example, layer-2 isolation is enabled on the USG's interface Vlan1. A printer, PC
and AP are in the Vlan1. The IP address of network printer (C) is added to the white list. With this
setting, the connected AP then cannot communicate with the PC (D), but can access the network
printer (C), server (B), wireless client (A) and the Internet.
Figure 196 Layer-2 Isolation Application
17.1.1 What You Can Do in this Chapter
• Use the General screen
the internal interface(s).
• Use the White List screen
C
HAPTER
(Section 17.2 on page
289) to enable layer-2 isolation on the USG and
(Section 17.3 on page
289) to enable and configures the white list.
USG20(W)-VPN Series User's Guide
288
Layer 2 Isolation
1 7