[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 551
  • Last Modified:

Restrict DHCP

I would like to restrict DHCP udp port 67 to only be allowed if it originates from a certain host host 10.1.0.1. Can I do with with an access list on my switches?
0
jganyo
Asked:
jganyo
  • 2
1 Solution
 
nicawCommented:
Switches don't normally do this type of stuff. Firewall required.
0
 
Don JohnstonInstructorCommented:
What make/model switch?

Where is the 10.1.0.1 host located and where is the DHCP server located?
0
 
ditditCommented:
Cisco provides a feature on several of their Catalyst switches called "DHCP Snooping" that does what you are looking for.  The feature is described in "Securing the Wiring Closet with Cisco Catalyst Switches":
http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns431/ns17/networking_solutions_whitepaper0900aecd80459628.html

Configuration example is contained in their "Catalyst 6500 Series Software Configuration Guide" - don't be put off that its in the 6500 guide, its the best example describing the feature for many of the Catalyst line.
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/dhcp.html

ditdit
0
 
ditditCommented:
Still working on this problem?  Were the links I provided useful?
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now