Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11939
Views
5
Helpful
3
Replies

Access-list for block the DHCP request.

dipakpvaghela
Level 1
Level 1

‎05-13-2007 11:02 PM - edited ‎03-05-2019 04:02 PM

Dear All,

How can I block a DHCP request on cisco 2950 switches, I tried given below access list but it was not working so plz suggest

interface FastEthernet0/4

no ip address

ip access-group 102 in

!

Extended IP access list 102

deny udp host 10.12.14.120 any eq bootpc

permit ip any any

IOS : Version 12.1(19)EA1c,

Thank you in anticipation,

Regards,

Dipak

Labels:
3 Replies 3

gmarogi
Level 5
Level 5

‎05-21-2007 06:05 AM

The access-list which you have created is correct except the tu need to add one more statement to the list

access-list 102 deny udp any host 10.12.14.120 any eq 67

access-list 102 deny udp any host 10.12.14.120 any eq 68

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to gmarogi

‎05-21-2007 06:09 AM

Gabriel

The syntax that you suggest may be better but it does not address the problem of trying to assign an IP access list to an interface that is not processing IP. I do not believe that you can do this filtering on a 2950 layer 2 switch.

HTH

Rick

HTH

Rick
0 Helpful

luqmankondeth
Level 1
Level 1
In response to Richard Burts

‎05-21-2007 06:13 AM

depending on the switch IOS, you can filter layer3/4 information on the 2950 on an interface that is not processing IP itself.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card