Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1351
Views
0
Helpful
1
Replies

Preventing/Eliminating Rogue DHCP Server

cmadiam82
Level 1
Level 1

‎01-13-2010 01:29 AM - edited ‎03-06-2019 09:16 AM

Hi All!

Is there any possibilities on how to prevent or even stop a rogue DHCP server giving bad IP addresses?

We have a ligitimate DHCP server on our campus LAN that gives the right IP address for our dhcp client workstations but sometimes, a rogue DHCP server is up and also gives bad ip addresses.

How can this be eliminated? We cannot find the rogue dhcp server.

Please help.

Thanks to you all!!!

Labels:
0 Helpful
1 Reply 1

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎01-13-2010 01:50 AM

Hi,

DHCP snooping ensures IP integrity on a Layer 2 switched domain.With DHCP snooping, only a whitelist of IP addresses may access the network. The whitelist is configured at the switch port level, and the DHCP server manages the access control. Only specific IP addresses with specific MAC addresses on specific ports may access the IP network.DHCP snooping also stops attackers from adding their own DHCP servers to the network. An attacker-controlled DHCP server could wreak havoc in the network or even control it.

Check out the below link for configuring dhcp snooping in LAN hope that helps out your query !!

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/12ew/configuration/guide/dhcp.pdf

Regards

Ganesh.H

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card