Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access-list for block the DHCP request.

Dear All,

How can I block a DHCP request on cisco 2950 switches, I tried given below access list but it was not working so plz suggest

interface FastEthernet0/4

no ip address

ip access-group 102 in

!

Extended IP access list 102

deny udp host 10.12.14.120 any eq bootpc

permit ip any any

IOS : Version 12.1(19)EA1c,

Thank you in anticipation,

Regards,

Dipak

3 REPLIES
Bronze

Re: Access-list for block the DHCP request.

The access-list which you have created is correct except the tu need to add one more statement to the list

access-list 102 deny udp any host 10.12.14.120 any eq 67

access-list 102 deny udp any host 10.12.14.120 any eq 68

Hall of Fame Super Silver

Re: Access-list for block the DHCP request.

Gabriel

The syntax that you suggest may be better but it does not address the problem of trying to assign an IP access list to an interface that is not processing IP. I do not believe that you can do this filtering on a 2950 layer 2 switch.

HTH

Rick

New Member

Re: Access-list for block the DHCP request.

depending on the switch IOS, you can filter layer3/4 information on the 2950 on an interface that is not processing IP itself.

4539
Views
0
Helpful
3
Replies