
How to block Rogue DHCP Servers on the connected clients


george_margarit
New Contributor

Looking to block DHCP Offers from connected clients.

From: Any (client)

To: Any

Source port: 67

Destination Port: 68

Protocol: UDP

Action: Block

Everything else: Permit

 

Can I have some guidance on how to set this up, so I don't also block DHCP Offers from our DHCP Server?

Thanks

1 ACCEPTED SOLUTION

AnonymousM
Valued Contributor II

Your source and destination ports look good; this is traffic from a DHCP server back to the client. So creating a rule like this is straightforward - the trick is to apply it on traffic FROM any client, and not the other way.

  • Classic: From-Access
  • NG: Outbound Traffic

 

On NG it should look like this:

[image: screenshot of the NG rule]

I still highly recommend testing this first.

 

Hope this helps.

jose_gonzalez
Contributor

Enable DHCP snooping on your switches. You mark trusted ports where DHCP is allowed, such as routers, uplinks, trunk ports, and DHCP server location. The configuration varies from vendor to vendor.

sderikonja1
Contributor

My thought is to block inter-station traffic between wireless clients or, using the provided example, to allow DHCP requests to authorized DHCP servers and block all other DHCP traffic while permitting everything else.
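An added sketch, not code from this thread or from any vendor's rule engine, of the direction-scoped rule in the accepted answer: UDP source port 67 to destination port 68 is blocked only when the frame arrives from a client, so the same offer coming from the real DHCP server toward a client is still permitted. The direction labels, function names and sample payloads are assumptions made for this example.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"                       # DHCP magic cookie (RFC 2131)
SERVER_MSGS = {2: "OFFER", 5: "ACK", 6: "NAK"}    # option 53 values only servers send

def dhcp_msg_type(payload):
    """Return the option 53 value of a BOOTP/DHCP payload, or None if absent/malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:                           # end option
            return None
        if code == 0:                             # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:                  # truncated option
            return None
        if code == 53 and length == 1:
            return value[0]
        i += 2 + length
    return None

def verdict(direction, sport, dport, payload):
    """UDP is assumed; direction is 'from_client' or 'to_client' (assumed labels)."""
    if direction == "from_client" and (sport, dport) == (67, 68):
        name = SERVER_MSGS.get(dhcp_msg_type(payload), "server-port traffic")
        return "block", "rogue DHCP " + name
    return "permit", "no rule matched"            # everything else: permit

def build_dhcp(op, msg_type):
    """Constructed sample: 236-byte BOOTP fixed header, cookie, option 53, end."""
    header = struct.pack("!BBBB", op, 1, 6, 0) + bytes(232)
    return header + MAGIC + bytes([53, 1, msg_type, 255])

OFFER = build_dhcp(2, 2)       # BOOTREPLY / DHCPOFFER
DISCOVER = build_dhcp(1, 1)    # BOOTREQUEST / DHCPDISCOVER

if __name__ == "__main__":
    print(verdict("from_client", 67, 68, OFFER))     # client acting as a DHCP server
    print(verdict("to_client", 67, 68, OFFER))       # offer from the real server
    print(verdict("from_client", 68, 67, DISCOVER))  # normal client request
```

The rule matches on direction and ports alone; the payload is parsed only to say what was blocked, so a malformed packet on those ports from a client is still dropped.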
