Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

can I exclude mac's from getting IP leases

I have an environment, where I need to exclude specific mac addresses from getting dhcp leases when running dhcp oon a IOS router. Is this possible?

2 ACCEPTED SOLUTIONS

Accepted Solutions
Bronze

Re: can I exclude mac's from getting IP leases

you must assign a separate dhcp pool for each static MAC-to-IP assignment.

So you can add new pools, but not add more MACs to the new pool

Hall of Fame Super Bronze

Re: can I exclude mac's from getting IP leases

I recommend taking the time to read the documentation:

http://www.cisco.com/en/US/docs/ios/12_4/ip_addr/configuration/guide/hipdhcps.html#wp1114732

HTH,

__

Edison.

10 REPLIES
Bronze

Re: can I exclude mac's from getting IP leases

Do you want one specific MAC to get always the same IP?

New Member

Re: can I exclude mac's from getting IP leases

No, I want specific mac's to not get a DHCP license.

Bronze

Re: can I exclude mac's from getting IP leases

I don't know if is there a way to do that, to block an mac address to get IP from DHCP in the router, but I see two ways you can follow:

1 - Create an MACAddress access list (to do that number it from 700 to 799)

then put this access list in the interface. (I don't know if it's really possible to put an mac access list in an interface) if so your problem is solved its just to block the desired MAC.

2- If the solution above does not work I would sugest you to create an fixed IP to that MAC address and and with an IP that is not in your network. For example, if your network is 192.168.1.0/24 you could give this mac an IP 1.1.1.1 with gateway 1.1.1.2.

See how to do it:

Router1(config)#ip dhcp pool IAN

Router1(dhcp-config)#host 172.25.1.33 255.255.255.0

Router1(dhcp-config)#client-identifier 0100.0103.85e9.87

Router1(dhcp-config)#client-name win2k

Router1(dhcp-config)#default-router 172.25.1.1

Router1(dhcp-config)#domain-name oreilly.com

Router1(dhcp-config)#dns-server 172.25.1.1

Router1(dhcp-config)#end

Router1#

Please rate if it helps.

New Member

Re: can I exclude mac's from getting IP leases

I was not able to get the mac related access-list applied to the interface. And, your example for statically assigning a mac to an IP is a bit confusing. I already have one scope on my router for the allowed users, would I create a second scope?

Bronze

Re: can I exclude mac's from getting IP leases

yes, a second scope that would apply only to the specific MAC (it thakes precedence over the dinamic allocation).

Then in this scope the IP address for this MAC will be completly different of the rest of your network, and if this MAC try to get an IP from your DHCP it will take an invalid IP and will access nothing in your network

New Member

Re: can I exclude mac's from getting IP leases

Ok, this should be the last question. Can I put more than one mac-to-IP in the new DHCP pool?

Bronze

Re: can I exclude mac's from getting IP leases

you must assign a separate dhcp pool for each static MAC-to-IP assignment.

So you can add new pools, but not add more MACs to the new pool

New Member

Re: can I exclude mac's from getting IP leases

I tried that, but still have nodes with MACs that I put on separate dhcp pools, pulling IP leases from the main generic dhcp pool on that router. Are you sure I need to prefix the mac in the client-id field with a "01" then slide the decimal point 2 places?

Hall of Fame Super Bronze

Re: can I exclude mac's from getting IP leases

I recommend taking the time to read the documentation:

http://www.cisco.com/en/US/docs/ios/12_4/ip_addr/configuration/guide/hipdhcps.html#wp1114732

HTH,

__

Edison.

New Member

Re: can I exclude mac's from getting IP leases

I did, and fully understand the technology. What I am not able to do, is statically bind a mac to an IP, even using the following example:

ip dhcp pool bad36

host 1.1.1.36 255.255.255.0

client-id 0100.16ce.7b95.01

where 0016.ce7b.9501 is the node mac.

The 1.1.1.36 if from a range on an ethernet, (as a secondary range) that is not allowed to route anywhere. Whenever that mac requests a dhcp lease, it gets it from the primary scope on the router. Am I missing something?

1454
Views
12
Helpful
10
Replies
CreatePlease to create content