cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3036
Views
10
Helpful
5
Replies

DHCP to always give the same IP to a PC connected on a switchport

derrick
Level 1
Level 1

Realize that the title might not make a whole lot of sense but here is my scenario. I have a guest VLAN that is completely blocked off from our Company's VLAN by use of ACLs. One of our guest needs access to a printer that is on our Co. VLAN. I don't want to open that printer to all the guest on the VLAN. So here is what I was hoping to do. The guest uses one of our meeting rooms. That meeting room has a port connecting to our c2960 switch. I was wondering if there is any way to only allow access to the specific port, without creating a new VLAN or moving the port to the Co. VLAN. I thought about doing this with static IPs but I don't want to configure her laptop with a static IP. So is there a way to setup DHCP to only give that PC connected to that switchport in the meeting room the same IP address each time she connects? Again realize that this may not make a whole lot of sense the way I described. But it's early and I haven't had my coffee yet so please bear with me. Thanks, Derrick

Hardware and IOS in use:

Router: (C870-ADVIPSERVICESK9-M), Version 15.1(1)T

Switch: (C2960-LANBASEK9-M), Version 12.2(55)SE,

5 Replies 5

cadet alain
VIP Alumni
VIP Alumni

Hi,

So is there a way to setup DHCP to only give that PC connected to that switchport in the meeting room the same IP address each time she connects

Yes this feature is called manual binding: you must create a separate DHCP pool.

ip dhcp pool GUEST

host 192.168.1.2 /24

client-identifier 01b7.0813.8811.66 or hardware-address b708.1388.1166

  Regards.

Alain.

Don't forget to rate helpful posts.

So this will only bind it by MAC address? Is it possible to bind to the switchport? Because I would like to have it so that any guest that goes into that meet room can use the printer.

Hi,

So this will only bind it by MAC address?

yes or client-identifier

Is it possible to bind to the switchport?

No.

Why not just do a regular pool for thes machines connecting to your printer?

Can you explain exactly what you want to achieve.

Regards.

Alain.

Don't forget to rate helpful posts.

If I create a regular pool how will that work? Because I can't create anymore VLANs I'm already using the max that is supported with my router. What I'm trying to do is have a reserved IP within that guess VLAN that will have access to the printer.  So my ACL will look something like:

access-list 100 permit ip host 192.168.2.2 host 192.168.1.20

access-list 100 deny deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 100 permit ip any any

192.168.2.2 = Host on guest vlan

192.168.1.20 = Printer on Co. Vlan

I hope this helps clarify what I'm wanting. And thanks for the responses.

Hi,

if you can't create a guest vlan separate from other vlans then I don't see how you can do this.

But if you can create a guest vlan then maybe take a look at dot1x technology.

Regards.

Alain.

Don't forget to rate helpful posts.
Review Cisco Networking for a $25 gift card