Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

DHCP Snooping

Hi All

I have a network that contains more than 4000 nodes and I use Cisco Switches and Routers in my network as well as other non managable switches like DLink,LinkSys,etc..

I have the problem or ARP Spoofing in my network so I decided to use DHCP Snooping feature on the Cisco Switches to fix this problem but my network also contains non-managable switches so can anyone tell me how to use the DHCP snooping feature in a network containing cisco and non cisco switches?

I know how to configure DHCP snooping in cisco switches but i want to know how to use it with other switches.

All the network runs behind a PIX.

Please help me about this.

4 REPLIES
Community Member

Re: DHCP Snooping

Hi,

Firstly you need to run Dynamic ARP Inspection and maybe IP Source Guard which usually work with DHCP Snooping.

You have to set the interface to untrusted and manually build ARP ACLs, it's sounds horrible and I'm glad I've managed to avoid it up til now.

Here's the section from the 3750 manual:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swdynarp.html#wp1038489

Hope this helps.

Jim.

Community Member

Re: DHCP Snooping

Hi Jim

Thanks for your reply but not all the switches in my network are managable cisco switches so can i still use DHCP Snooping on the main Cisco switches and will this fix the problem or the problem will still exist in the lower level of the network.

Hope you got what i mean.

Thanks for your help

Community Member

Re: DHCP Snooping

Hi,

It will exist on the unmanaged switches but you can limit it on the Cisco's.

Community Member

Re: DHCP Snooping

Hi Jim

Thanks for your reply.I just wanted to know if the problem will still exist on the unmanaged switches.

Thanks for your help

200
Views
0
Helpful
4
Replies
CreatePlease to create content