Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1549
Views
0
Helpful
2
Replies

User access control to the Network

olly ahmed
Level 1
Level 1

‎06-15-2019 11:37 AM

Hi All,

I am asking for help to know about controlling my users from accessing the network. The scenario is given below:

1. I want to configure a L3-switch as DHCP server with DHCP snooping enabled

2. I also want to enable ARP inspection

3. Now I want users will get IP from DHCP-server router but that user won't be able to communicate using network. I am planning to deny all IP packet except those I permit by ARP Access-list. 

 

Now my question is, whether it is possible or not to do this by ARP access-list ?

 

If your answer is no then please suggest me the way to control my users from accessing the network until I permit them manually while DHCP server, DHCP snooping, ARP inspection all are in action. Would also appreciate if you please share a sample configuration.

Labels:
0 Helpful
2 Replies 2

Martin L
VIP
VIP

‎06-16-2019 04:58 AM


you wrote users will get IP from DHCP-server router and L3-switch as DHCP server with DHCP snooping enabled, which is it?
more likely PCs will get IPs from DHCP Server like Microsoft and not from router, but u can set up a router as DHCP server no problem.
DHCP snooping should be enabled on access layer switch, not on L3, same goes with ARP inspection feature.
do we have L2 access sw?
0 Helpful

Martin L
VIP
VIP

‎04-16-2020 01:22 PM

DHCP snooping and ARP inspection work on L2 switch with port that are trusted - like trunks.

 

 

0 Helpful
Customers Also Viewed These Support Documents