Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AP1220 DHCP Service

I have a bit of a conundrum, I have a client associating to an Aironet 1220 unit, the problem is - the client appears to have a DHCP server on his side, and to have plugged the bridiging unit (A Smartbridges Airbridge) into the ethernet switch. The issue I'm having is that the aironet ap (which has a public IP) appears to be encapsulating his traffic and fowarding it to the border router. This is not meant to happen, we have a DHCP server on the wired side of the AP which distributes public facing IP's. How would I disable DHCP/fowarding of clients on private IP's so they cannot get online unless they have been allocated a public IP by *our* dhcp server (or have a valid public IP entry on the ethernet interface).

Thanks for all the help!

1 REPLY
Cisco Employee

Re: AP1220 DHCP Service

The Aironet products are layer 2 devices meaning it will not matter what subnet the client is in it will still pass the traffic.

You will need to add this level of control via a router.

The simplest way would be a ACL on the ethernet interface

access-list 1 permit x.x.x.x y.y.y.y Where x.x.x.x is the starting IP of you valid address range and y.y.y.y is the reverse subnet mask

apply this inbound on the ethernet interface that goes to the AP

The rouge client will still be able to get up to the router but no further if you want to stop him you will need a router on his end.

260
Views
0
Helpful
1
Replies
CreatePlease to create content