10-23-2013 12:49 PM - edited 03-07-2019 04:12 PM
Hello everyone,
I seem to have a rogue DHCP server on the network and have not been able to locate it. The switch shows it connected to switchport Po1, which I believe is the EtherChannel. Can someone send me the commands or a link to blocking a single IP address from network access? Router or switch level is fine. Thanks in advance!
All replies rated.
Accepted Solutions
10-23-2013 01:25 PM
Hello,
Try this on the router interface/VLAN interface.
!
! If I remember correctly, server uses udp/68 to communicate with clients
access-list 100 deny udp any any eq 68
access-list 100 permit ip any any
!
! vlanx = where the rogue DHCP server is located
int vlanx
 ip access-group 100 in
!
Thx
MS
Edit: If you know the IP address of the rogue server, you can as well use host IP instead of 'any'.
Also, Cisco's recommendation is to use 'dhcp snooping'. Check Cisco docs for more explanation.
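To use the host form of the ACL you first need the rogue server's address; the sketch below parses DHCP server replies (the UDP payloads sent to port 68) and lists every server identifier that is not on an allow-list. It is an added example, not part of the original post. The function names, the constructed sample packets and the 192.0.2.x addresses are assumptions, and it expects raw UDP payloads you have already captured.

```python
import socket

DHCP_MAGIC = b"\x63\x82\x53\x63"   # magic cookie that starts the options field
SERVER_TYPES = {2, 5, 6}           # DHCPOFFER, DHCPACK, DHCPNAK

def parse_dhcp(payload):
    """Parse a BOOTP/DHCP UDP payload; return a dict, or None if not DHCP."""
    if len(payload) < 240 or payload[236:240] != DHCP_MAGIC:
        return None
    info = {"op": payload[0], "yiaddr": socket.inet_ntoa(payload[16:20]),
            "msg_type": None, "server_id": None}
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:            # end option
            break
        if code == 0:              # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):  # truncated option header
            break
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) < length:    # truncated option body
            break
        if code == 53 and length == 1:      # DHCP message type
            info["msg_type"] = value[0]
        elif code == 54 and length == 4:    # server identifier
            info["server_id"] = socket.inet_ntoa(value)
        i += 2 + length
    return info

def rogue_servers(payloads, authorized):
    """Return sorted server IDs from server replies that are not authorized."""
    seen = set()
    for p in payloads:
        info = parse_dhcp(p)
        if info and info["op"] == 2 and info["msg_type"] in SERVER_TYPES:
            if info["server_id"] not in authorized:
                seen.add(info["server_id"] or "unknown")
    return sorted(seen)

def build_reply(server_ip, offered_ip, msg_type=2):
    """Constructed sample data: a minimal BOOTREPLY with options 53 and 54."""
    hdr = bytearray(236)
    hdr[0] = 2                                   # op = BOOTREPLY
    hdr[16:20] = socket.inet_aton(offered_ip)    # yiaddr
    opts = bytes([53, 1, msg_type, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return bytes(hdr) + DHCP_MAGIC + opts

SAMPLES = [build_reply("192.0.2.1", "192.0.2.50"),
           build_reply("192.0.2.66", "192.0.2.200"),
           build_reply("192.0.2.1", "192.0.2.51", msg_type=5)]
```
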
10-24-2013 06:18 AM
Thanks!
