Solved

DHCP Snooping

Posted on 2008-06-21
4
676 Views
Last Modified: 2010-08-30
I have cisco 3560 as my access layer switches.All my PCs connecting to the network will be getting IP Address from the DHCP server.I dont want any PC or Laptop to connect to my network via static IP Address, only PCs asking for DHCP request will be allowed to have network access..Let me know how
DHCP snooping configuration can prevent the PCs with static IP Address .
0
Comment
Question by:RajeevSrikant
  • 2
  • 2
4 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 21837288
No. The purpose of DHCP Snooping is to prevent someone an unauthorized DHCP server from being connected to the network.
0
 

Author Comment

by:RajeevSrikant
ID: 21837339
So is there any way to prevent network access for PCs using static IP address to get connect to the network.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 21837345
Not that I'm aware of.

There's MAC address port security which only allows specific MAC addresses on a port. There's 802.1x which can allow port access based on authentication.

But I don't know of anything that restricts access based on whether the IP address was defined by a DHCP server.
0
 

Accepted Solution

by:
RajeevSrikant earned 0 total points
ID: 21837370
Thank you for your reply.
I am not looking for port security or 802.1x.
I will be using a solution where any PC getting connected to the network will be authenticated based on the MAC address when it generated the DHCP request to the DHCP server. The DHCP server will check the MAC address of the requesting PC in its database. If it matches then it gives the IP Address or else it denys giving the IP Address.
This soltion will work for PCs who reqests DCHP IP address.
But this soltuion will not work for PC using Static IPs.
So I am looking for similar soution for PC using static IPs.



0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr‚Ķ

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question