I'm looking to do something similar...I have a Cisco 1841 configured as a dhcp server and would like to block any other dhcp servers from the lan. I recently had a repurposed dsl router that I had configured for use as a wireless AP(disabled dhcp server, wan interface, etc.) Something(lightning, power surge, or an employee possibly) caused the device to factory reset which in turn re-enabled the internal dhcp server which brought down internet access for all clients depending on dhcp. Can dhcp snooping be configured to run on the 1841 which should be the only dhcp server on the lan or is this something that can only be handled through a switch config(we have multiple SLM2024 switches spread across this lan and I don't see an option to enable this feature and I don't believe there is a CLI for these switches either?) Thanks, Chris
... View more
Thank you sir for your help...here is my acl which is working beautifully. access-list 175 deny ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 access-list 175 permit ip 10.1.0.0 0.0.255.255 any access-list 175 permit ip 10.3.1.0 0.0.0.255 any access-list 176 permit ip 10.3.1.0 0.0.0.255 host 10.1.99.99 access-list 176 deny ip 10.3.1.0 0.0.0.255 10.1.0.0 0.0.255.255 access-list 176 permit ip 10.3.1.0 0.0.0.255 any I applied acl 176 to int gi0/1.1 and had to add the 3rd line to acl 175 to allow internet access out for the 10.3.1.0 network. The first entry on acl 176 is the machine I use for management. Thanks again...you are a life saver!
... View more