This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

NAC Gateway - IP Resolution Possibilities

NAC Gateway - IP Resolution Possibilities

M_Nees
Contributor III

‎01-31-2017 01:58 PM

Analysing recurring MAC-to-IP Resolution problems in conjunction with EXOS Switches...

SecureStacks switches seems to be easier to handle regarding this topic - maybe of the existing nodealias functionality ...

My question is:
what does "Always Use Fully Trusted DHCP IP" ??
 

f2bbe88f879a401dbfc9ca83d5ba57ff_RackMultipart20170131-115706-1yr3wam-Always-Use-Fully-Trusted-DHCP-IP_inline.png

 


Unfortunately no online Help - no manual - no GTAC KB

Anybody knows that feature ??

PS: These solve my problems basically:
https://extremeportal.force.com/ExtrArticleDetail?an=000066216

Regards

 

1 REPLY 1

TylerMarcotte
Extreme Employee

‎01-31-2017 03:11 PM

Hi Matthias,

I believe "Always Use Fully Trusted DHCP IP" means that the NAC needs to be able to see both sides of the DHCP conversation. Instead of just seeing the DHCP Request that is seen from IP Helper Addresses, NAC would also need to see the offers and informs afterwards. This is typically accomplished with either a port mirror, promiscuous mode in VMware, or via policy mirror for DHCP traffic.

Thanks,

Tyler
0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN