This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to block Rogue DHCP Servers on the connected clients

How to block Rogue DHCP Servers on the connected clients

Go to solution
george_margarit
New Contributor

‎04-20-2018 09:04 AM

Looking to block DHCP Offers from connected clients.

From: Any (client)

To: Any

Source port: 67

Destination Port: 68

Protocol : UDP

Action: Block

Everything else: Permit

 

Can i have some guidance on how to set this up, so I don't also block DHCP Offers from our DHCP Server?

Thanks

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
AnonymousM
Valued Contributor II

‎04-24-2018 09:27 AM

Your source and destination ports look good, this is traffic from a dhcp server back to the client. So creating a rule like this is straight forward - the trick is to apply it on traffic FROM any client, and not the other way.

  • Classic: From-Access
  • NG: Outbound Traffic

 

On NG it should look like this:

7054be361cbe40a888455b5579cb2484_0690c000006V0iXAAS.png

 

I still highly recommend to test this first.

 

Hope this helps.

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
AnonymousM
Valued Contributor II

‎04-24-2018 09:27 AM

Your source and destination ports look good, this is traffic from a dhcp server back to the client. So creating a rule like this is straight forward - the trick is to apply it on traffic FROM any client, and not the other way.

  • Classic: From-Access
  • NG: Outbound Traffic

 

On NG it should look like this:

7054be361cbe40a888455b5579cb2484_0690c000006V0iXAAS.png

 

I still highly recommend to test this first.

 

Hope this helps.

0 Kudos

Go to solution
jose_gonzalez
Contributor

‎04-20-2018 02:16 PM

Enable DHCP snooping on your switches. You mark trusted ports where DHCP is allowed, such as routers, uplinks, trunk ports, and DHCP server location. The configuration varies from vendor to vendor.

0 Kudos

Go to solution
sderikonja1
Contributor

‎04-20-2018 12:34 PM

My thought is block interstation traffic between wireless clients or using provided example allow DHCP requests to authorized DHCP servers and block all other DHCP traffic while permitting everything else.

0 Kudos
GTM-P2G8KFN