We help MSPs migrate from their UniFi controllers to UniHosted (included in the MSP plan)

How to use Port Isolation for UniFi

Published onby Dries (edited on )

Port isolation is a great feature for enhancing network security and managing data flow in UniFi. Basically, it's about segregating the traffic of different devices that are connected to the same network switch. The main reasoning behind it is to prevent them from communicating directly with each other.

This feature is particurly useful in environments like hotels or public Wi-Fi spots, where you want to ensure users can access the internet but not interact with other devices on the network.

Here's a step-by-step guide on how to enable port isolation in a UniFi network. Let's dive in!

Table of Contents

Understanding Port Isolation

Port isolation operates at the switch level. When enabled on a port, it prevents devices connected to that port from communicating with other devices on the same switch, except through an uplink port. This uplink port typically connects to a router or another switch, which then manages the network traffic.

Enabling Port Isolation in UniFi

  1. Access the UniFi Controller: You need to log into your UniFi Controller. The default login credentials are usually 'ubnt' for both username and password, unless they have been changed.

  2. Navigate to Devices: In the UniFi Controller dashboard, click on 'Devices'.

  3. Select the Switch: Find and select the switch where you want to enable port isolation.

  4. Configure Ports: Click on the switch to open its properties panel, then go to the 'Ports' section.

  5. Enable Port Isolation: For each port you want to isolate, click on the port, and under the 'Profile Overrides' section, enable 'Port Isolation'.

  6. Apply Changes: Once you have configured all the desired ports, apply the changes. The switch will likely undergo a provisioning process to apply these settings.

What you need to take into account

  • Uplink Configuration: Ensure that your uplink port is not isolated and is configured correctly to handle the segregated traffic.

  • Network Design: Port isolation should be part of a broader network security strategy. It works best when combined with other security measures like VLANs and firewall rules.

  • Device Compatibility: Ensure that the devices connected to the isolated ports do not require local network access to other devices for their operation.

Final Thoughts

Setting up port isolation is a straightforward process in the UniFi Controller. With it, you can enhance your network security, especially in multi-user environments.

At UniHosted, where all here for providing robust networking solutions. We recommend regularly reviewing and updating your network security configurations. Our cloud-hosted UniFi Controllers can do this for you.

Feel free to give us a try! Additionally, I'm happy to walk you through personally. You can schedule a call with me (Founder of UniHosted) here.

We host UniFi Controllers in the Cloud

Are you ready to take your UniFi Network to the next level? Deploy a UniFi Cloud Controller in minutes and manage your network from anywhere.

Deploy Now

Free tier available

Get the best support

Join 1660+ customers

No credit card required