I will be connecting some clients directly to switchports.
But I`m really sceptical to do this, as it may create problems in my network.
The clients will connect to client VLANs with /25 mask, and use public IPs through DHCP or static IP.
I`m planning on using IP source guard for the clients with static IPs and DHCP snooping for the DHCP clients.
What more restrictions should I put on the interfaces/VLANs to make this as lttle painfull as possible?
PVLANs combined with ACLs are also an option. DHCP snooping & DAI would be added security.
Sent from Cisco Technical Support iPad App