DHCP disable on WAN interface

viorel.spinu · ‎01-13-2010

Hello,

I have a cisco router 1721, IOS 12.4(25a)

I enabled dhcp server for my local LAN, and I setup my WAN interface as dhcp interface.

My ISP told me that my router is acting as dhcp server on WAN interface...and is not good for them. Can I stop my cisco router from sending dhcp offers on WAN interface, but send dhcp offers for my local LAN ?

ip dhcp pool LOCAL
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 193.x.x.x
   default-router 192.168.1.222
   domain-name appt.ro
   lease infinite
!
ip dhcp pool host1
   host 192.168.1.11 255.255.255.0
   client-identifier 0100.0ee8.e23d.94

interface FastEthernet0
mac-address 0019.66b3.d689
ip address dhcp
ip nat outside
ip virtual-reassembly
speed auto
full-duplex

FastEthernet0 is my WAN interface.

Thanks!

viorel.spinu · ‎01-23-2010

Can somebody please tell me if this is even posible ?

Joe Clarke · ‎01-23-2010

I imagine that clients on the WAN side are sending requests with a GIADDR field that matches your DHCP pool's scope. In that case, the router would handout an address. You could add an ACL to the WAN interface to block incoming udp/68 packets:

access-list 101 deny udp any any eq 68

access-list 101 permit ip any any

!

interface FastEthernet0

ip access-group 101 in

That should prevent the router from seeing the client requests while still being able to get server responses.