I know this is a basic questions but can someone tell me how, in and environment with multiple VLANS how I restrict clients from only getting IP addresses via a WIndows DHCP server that is in the VLAN that they belong to? I know when can set up multiple DHCP scopes on the server but how do we restict them?
Thanks in advance. All replies rated!
If the DHCP request is from a machine in the local subnet then the DHCP server will offer an IP address in the local subnet. If the DHCP request is from a remote subnet then it will have been sent through a gateway (in IOS that is a device configured with ip helper-address pointing to the DHCP server). For a remote request the DHCP server looks at the gateway address and chooses the scope that matches the subnet of the gateway address. The restriction is built in and you do not have to do anything to get the restriction to work.