So the first error you got was because the nic device doesn’t exist in the container, and only in the profile.
Editing the profile is fine, but if you did want to only apply this setting to a specific container then you can copy the device config from the profile into the container and modify it in a single command using the
override command, e.g.
lxc config device override c1 eth0 security.port_isolation=true
However whether editing the profile or editing the container’s device config, you’ll get the same error as it appears the port isolation feature isn’t supported on your host currently.
As you’re running Ubuntu Focal, it should work, and indeed does work on my system. However I’ve just now managed to reproduce the issue in a VM running the snap, so I’m wondering if this is some sort of race condition inside the Linux bridging subsystem or packaging issue.
I’ll investigate and let you know.