Solved: Network Access - Limiting Access DHCP

simoesmarco8626982 · ‎07-02-2021

Hi all,

hope to find everyone well

I have several 3650 with two ports configured for DHCP for the management VLAN. If a computer connects on those ports an IP address to this vlan is given and the PC is able to access the entire network.

My question is, without using access lists to limit the mac addresses of the computers allowed to grab an IP to access the network, is there any other way of limiting access to the network?

Unfortunately, I can't allow only certain macs due to the nature of the bussiness, since the laptops are always changing and people are constantly leaving and new people entering and I'm not the constant network administrator of the site and it would be impossible for me to be constantly updating the list.

Is there any other way of limiting access using the 3650?

Thank you

balaji.bandi · ‎07-02-2021

I have several 3650 with two ports configured for DHCP for the management VLAN.

When you mentioned management VLAN, i would expect this is seperate from Data VLAN, so the Manangement VLAN only need access Manangment related.

you can have PortACL to connect certain IP.

Other Option well tested Dot1.X

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎07-02-2021

I have several 3650 with two ports configured for DHCP for the management VLAN.

When you mentioned management VLAN, i would expect this is seperate from Data VLAN, so the Manangement VLAN only need access Manangment related.

you can have PortACL to connect certain IP.

Other Option well tested Dot1.X

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help