I am asking for help to know about controlling my users from accessing the network. The scenario is given below:
1. I want to configure a L3-switch as DHCP server with DHCP snooping enabled
2. I also want to enable ARP inspection
3. Now I want users will get IP from DHCP-server router but that user won't be able to communicate using network. I am planning to deny all IP packet except those I permit by ARP Access-list.
Now my question is, whether it is possible or not to do this by ARP access-list ?
If your answer is no then please suggest me the way to control my users from accessing the network until I permit them manually while DHCP server, DHCP snooping, ARP inspection all are in action. Would also appreciate if you please share a sample configuration.
you wrote users will get IP from DHCP-server router and L3-switch as DHCP server with DHCP snooping enabled, which is it? more likely PCs will get IPs from DHCP Server like Microsoft and not from router, but u can set up a router as DHCP server no problem. DHCP snooping should be enabled on access layer switch, not on L3, same goes with ARP inspection feature. do we have L2 access sw?
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Do you currently have hands-on networking experience? If you do, we'd love to hear from you!
Your feedback will be reviewed and analyzed by our team to directly influence a networking management and monitoring product.
Take the 20-min or les...