06-09-2021 04:38 AM
Hello there. We have been using Cisco SG300-52 in our company for many years. The device has worked at default settings since the day it was installed.
But since last 1 week, we started to need reserved transactions with IP or MAC addresses.
Which way do I need to use for reservations?
Example: Reserve the address 192.168.0.10, even if the USER1-PC is turned off, and prevent any device/machine from obtaining the IP address of 192.168.0.10.
Solved! Go to Solution.
06-09-2021 06:17 AM
Hello Faris,
First of all, you can use your DHCP server and statically allocate IP addresses ( a MAC address of the host is manually mapped to an IP address) to the PCs (USER1-PC and USER2-PC) that performs the reserved transactions.
Then you can implement DHCP snooping, DHCP snooping binding database and IP source guard, in addition, to prevent other hosts from taking the IP address of their neighbours. With the DHCP snooping you ensure that hosts only use the IP addresses assigned to them when combined with the IP source guard.
1. From the switch web GUI you go to IP Configuration --> DHCP Server then assign IP addresses statically (device must operate in L3 mode).
2. Configure DHCP Snooping: IP Configuration --> DHCP Snooping Trusted Interfaces and choose the ports you would like to configure.
3. Configure DHCP Snooping Binding Database by adding required VLAN IDs, IP Addresses, Interfaces and MAC addresses.
4. Configure IP source guard (optional) - Go to Security --> IP Source Guard then enable it for both required interfaces and DHCP Snooping Binding Database.
Here are some step-by-step guides:
Regards,
Martin
06-09-2021 06:17 AM
Hello Faris,
First of all, you can use your DHCP server and statically allocate IP addresses ( a MAC address of the host is manually mapped to an IP address) to the PCs (USER1-PC and USER2-PC) that performs the reserved transactions.
Then you can implement DHCP snooping, DHCP snooping binding database and IP source guard, in addition, to prevent other hosts from taking the IP address of their neighbours. With the DHCP snooping you ensure that hosts only use the IP addresses assigned to them when combined with the IP source guard.
1. From the switch web GUI you go to IP Configuration --> DHCP Server then assign IP addresses statically (device must operate in L3 mode).
2. Configure DHCP Snooping: IP Configuration --> DHCP Snooping Trusted Interfaces and choose the ports you would like to configure.
3. Configure DHCP Snooping Binding Database by adding required VLAN IDs, IP Addresses, Interfaces and MAC addresses.
4. Configure IP source guard (optional) - Go to Security --> IP Source Guard then enable it for both required interfaces and DHCP Snooping Binding Database.
Here are some step-by-step guides:
Regards,
Martin
06-09-2021 11:15 PM
Thank you for your response and help.
I will do the necessary work on the processes and write an answer to this topic.
06-10-2021 01:34 AM - edited 06-10-2021 01:35 AM
Hello again.
The solution you suggested was sufficient for me and I achieved my goal.
Thanks again Martin.
06-10-2021 02:58 AM
I am glad you make it and works well for you!
Thanks,
Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide