Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1708
Views
5
Helpful
4
Replies

Reserve IP addresses with Cisco SG300

Go to solution
FarisAga
Level 1
Level 1

‎06-09-2021 04:38 AM

Hello there. We have been using Cisco SG300-52 in our company for many years. The device has worked at default settings since the day it was installed.

But since last 1 week, we started to need reserved transactions with IP or MAC addresses.

Which way do I need to use for reservations?

Example: Reserve the address 192.168.0.10, even if the USER1-PC is turned off, and prevent any device/machine from obtaining the IP address of 192.168.0.10.

 

 

topoloji.jpg

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Martin Aleksandrov
Cisco Employee
Cisco Employee

‎06-09-2021 06:17 AM

Hello Faris,

 

First of all, you can use your DHCP server and statically allocate IP addresses ( a MAC address of the host is manually mapped to an IP address) to the PCs  (USER1-PC and USER2-PC) that performs the reserved transactions. 

 

Then you can implement DHCP snooping, DHCP snooping binding database and IP source guard, in addition, to prevent other hosts from taking the IP address of their neighbours. With the DHCP snooping you ensure that hosts only use the IP addresses assigned to them when combined with the IP source guard.

 

1. From the switch web GUI you go to IP Configuration --> DHCP Server then assign IP addresses statically (device must operate in L3 mode).

2. Configure DHCP Snooping: IP Configuration --> DHCP Snooping Trusted Interfaces and choose the ports you would like to configure.

3. Configure DHCP Snooping Binding Database by adding required VLAN IDs, IP Addresses, Interfaces and MAC addresses.

4. Configure IP source guard (optional) - Go to Security --> IP Source Guard then enable it for both required interfaces and DHCP Snooping Binding Database.

 

Here are some step-by-step guides:

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5516-configure-dynamic-host-configuration-protocol-dhcp-trusted-i.html

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-500-series-stackable-managed-switches/smb3097-configuration-of-ip-source-guard-binding-database-on-sx500-s.html

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-500-series-stackable-managed-switches/smb3306-dhcp-snooping-binding-database-configuration-on-sx500-series.html

 

Regards,

Martin

 

 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Martin Aleksandrov
Cisco Employee
Cisco Employee

‎06-09-2021 06:17 AM

Hello Faris,

 

First of all, you can use your DHCP server and statically allocate IP addresses ( a MAC address of the host is manually mapped to an IP address) to the PCs  (USER1-PC and USER2-PC) that performs the reserved transactions. 

 

Then you can implement DHCP snooping, DHCP snooping binding database and IP source guard, in addition, to prevent other hosts from taking the IP address of their neighbours. With the DHCP snooping you ensure that hosts only use the IP addresses assigned to them when combined with the IP source guard.

 

1. From the switch web GUI you go to IP Configuration --> DHCP Server then assign IP addresses statically (device must operate in L3 mode).

2. Configure DHCP Snooping: IP Configuration --> DHCP Snooping Trusted Interfaces and choose the ports you would like to configure.

3. Configure DHCP Snooping Binding Database by adding required VLAN IDs, IP Addresses, Interfaces and MAC addresses.

4. Configure IP source guard (optional) - Go to Security --> IP Source Guard then enable it for both required interfaces and DHCP Snooping Binding Database.

 

Here are some step-by-step guides:

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5516-configure-dynamic-host-configuration-protocol-dhcp-trusted-i.html

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-500-series-stackable-managed-switches/smb3097-configuration-of-ip-source-guard-binding-database-on-sx500-s.html

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-500-series-stackable-managed-switches/smb3306-dhcp-snooping-binding-database-configuration-on-sx500-series.html

 

Regards,

Martin

 

 

0 Helpful

Go to solution
FarisAga
Level 1
Level 1
In response to Martin Aleksandrov

‎06-09-2021 11:15 PM

Thank you for your response and help.
I will do the necessary work on the processes and write an answer to this topic.

0 Helpful

Go to solution
FarisAga
Level 1
Level 1
In response to Martin Aleksandrov

‎06-10-2021 01:34 AM - edited ‎06-10-2021 01:35 AM

Hello again.

The solution you suggested was sufficient for me and I achieved my goal.

Thanks again Martin.

0 Helpful

Go to solution
Martin Aleksandrov
Cisco Employee
Cisco Employee
In response to FarisAga

‎06-10-2021 02:58 AM

I am glad you make it and works well for you!

 

Thanks,

Martin

0 Helpful
Customers Also Viewed These Support Documents