prevent rogue dhcp server

Answered Question
Feb 24th, 2007

can someone please offer a suggestion or some documentation for preventing rogue dhcp servers from being connected to the network? i'm mosly concerned with one being connected at an access switches where only port security is currently used.

thanks.

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 9 years 7 months ago

Hi

You can use a feature called DHCP Snooping which allows you to define trusted ports where you connect your DHCP servers into and non-trusted ports for DHCP clients. As long as the person attaching the server does not have access to the switch config this would be fairly effective.

I don't know what type of access switches you have but i have included a link to configuration of DHCP Snooping on the 3750 switch.

HTH

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Sat, 02/24/2007 - 09:59

Hi

You can use a feature called DHCP Snooping which allows you to define trusted ports where you connect your DHCP servers into and non-trusted ports for DHCP clients. As long as the person attaching the server does not have access to the switch config this would be fairly effective.

I don't know what type of access switches you have but i have included a link to configuration of DHCP Snooping on the 3750 switch.

HTH

Jon

Actions

This Discussion