Link to home
Start Free TrialLog in
Avatar of DaveICC
DaveICC

asked on

CISCO 2950, Prevent DHCP broadcast from others server on a lan

Hi,

I am using CISCO 2950 switchs and an 500G backbone on a LAN. I would like to prevent any other server
or workstation that connect to the LAN to be to act as a DHCP Server. Presently, my sbs2003 is managing IP addressing via DHCP.. this the only one that i need to be active. All others can must not be allowed.

thanks,
Avatar of doc_fields
doc_fields
Flag of United States of America image

I'm a little confused, you are wanting the switch configured to only accept DHCP broadcasts from your server and only your server?
The thing is clients will use broadcasts to requests addresses from the server as well. So if you block broadcasts your clients won't be able to use DHCP. There are lots of advance Cisco appliances out there that can help with staving off rouge DHCP servers on your network, but I am guessing you don't have access to any of those.
There is no way to configure the Switch to block that traffic from a specified source.
Avatar of DaveICC
DaveICC

ASKER

that is the challenge that i have.. if i block the broadcast, the clients don't get an ip.
Last week a user connected a laptop with a dhcp service running and it shutted down my DHCP on the DC... this my issue. So i am looking for a solution that will prevent other dhcp to assign ip on the LAN
Do you have any global policies in place?  How much control do the users have on there laptops and desktops?  You can prevent them from adding server services thru their OU and global policies.
Avatar of DaveICC

ASKER

That was an external consultant that came in iwth his laptop.. had no control on it.
ASKER CERTIFIED SOLUTION
Avatar of doc_fields
doc_fields
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DaveICC

ASKER

For sure that is pretty rare to see a dhcp service running on a workstation.

Prevention actions have  already been discussed.

thanks,
Good to hear, I hope that they can help you establish that policy.