I am asking for help to know about controlling my users from accessing the network. The scenario is given below:
1. I want to configure a L3-switch as DHCP server with DHCP snooping enabled
2. I also want to enable ARP inspection
3. Now I want users will get IP from DHCP-server router but that user won't be able to communicate using network. I am planning to deny all IP packet except those I permit by ARP Access-list.
Now my question is, whether it is possible or not to do this by ARP access-list ?
If your answer is no then please suggest me the way to control my users from accessing the network until I permit them manually while DHCP server, DHCP snooping, ARP inspection all are in action. Would also appreciate if you please share a sample configuration.
you wrote users will get IP from DHCP-server router and L3-switch as DHCP server with DHCP snooping enabled, which is it? more likely PCs will get IPs from DHCP Server like Microsoft and not from router, but u can set up a router as DHCP server no problem. DHCP snooping should be enabled on access layer switch, not on L3, same goes with ARP inspection feature. do we have L2 access sw?
Inviting all network professionals in operations! We'd like to understand what would be valuable for you in a mobile application. Your response will help Cisco improve a product feature that could benefit you. Thanks!
Click here to take the sur...
Cisco’s software-defined wide area network (SD-WAN) solution allows user to quickly and seamlessly establish an overlay fabric to connect an enterprise’s data centers, branch and campus locations, as well as colocation facilities in order to imp...
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Purpose of the document
This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed C...