Wireless (General)

Expand all | Collapse all

RIght NAC interfaces configuration for DHCP Snooping

  • 1.  RIght NAC interfaces configuration for DHCP Snooping

    Posted 10-24-2017 17:15
    Hello, everybody,

    I had a succesfull experience on bringing PC's OS data to Netsight. (It could be seen in Control >> End systems).

    NAC snoops DHCP data in VLAN and (after time-consuming sophisticated configuration) sends it to Netsight. (Where identity-management is also configured).

    But it was made for Default VLAN 1 and DHCP server was in the same VLAN.

    I want now to configure the same thing but in company where dozens vlan exists and all of them gets IPs by bootp-relay feature from Windows Server.

    My question is: what is proper configuration for a NAC interface? Bring all trunks to it?

    Please, advice me something correct.

    Many thanks in advance, Ilya


  • 2.  RE: RIght NAC interfaces configuration for DHCP Snooping

    Posted 10-24-2017 17:25
    Hello,

    You should be able to configure the network routers with an additional DHCP helper that is pointed to NAC.

    DHCP helper 1 points to real DHCP server
    DHCP helper 2 points to NAC

    The Router should send the DHCP discover/request packets to both the real windows DHCP server and the NAC appliance to perform DHCP snooping.

    Thanks
    -Ryan


  • 3.  RE: RIght NAC interfaces configuration for DHCP Snooping

    Posted 10-24-2017 17:25
    Thanks, I will try to do that.


  • 4.  RE: RIght NAC interfaces configuration for DHCP Snooping

    Posted 10-24-2017 17:25
    Hi, Ryan, I did as you'd said and it works perfectly well. Many thanks to you!