Access-list for DHCP

From: Richard Anderson (richard.p.anderson@sbcglobal.net)
Date: Tue Nov 23 2004 - 05:00:39 GMT-3


I have a stack of 3750 switches uplinked to a Cabletron switch at the other
campus. The network is flat and Layer II.

        Campus A                                    Campus B

LAN--------3750 Stack 1/01--------------------Cabletron Switch--------LAN

I want to implement a layer 3 access-list on the 3750 to filter DHCP requests
coming from Campus B's DHCP server. The DHCP service is running on the Active
Directory server, which is shared by both campuses.

Even though the 3750 is currently being used as a Layer II switch, I think I
can still configure a layer 3 access-list on a Layer 2 switch. If that is true,
then what ports need to be blocked? Please see my example below.

3750 Configuration:

access-list 100 deny udp host x.x.x.x any eq (port#)

1/0/1-----------------Layer II Port:
 ip access-group 100 in

Please advise.
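
The access list sketched in the post, filled in as an added example (not part of the original message): DHCP servers answer from UDP port 67 to clients on UDP port 68, and the list needs an explicit permit after the deny. The interface type GigabitEthernet is an assumption, and x.x.x.x stays as the post's placeholder for the Campus B server address.

```cisco
! Added example, not from the original post.
! x.x.x.x is the post's placeholder for the Campus B DHCP server address.
! DHCP server-to-client traffic: UDP source port 67 (bootps),
! destination port 68 (bootpc). "any" also covers broadcast replies.
access-list 100 deny   udp host x.x.x.x eq bootps any eq bootpc
! Every access list ends with an implicit "deny ip any any"; without this
! line the uplink would drop all other IP traffic arriving from Campus B.
access-list 100 permit ip any any
!
! Interface type is an assumption; the post gives only the port number 1/0/1.
interface GigabitEthernet1/0/1
 description Uplink to Cabletron switch (Campus B)
 ip access-group 100 in
```

After applying it, `show access-lists 100` lists both entries, and on platforms that report per-entry match counts for port ACLs the deny line's counter shows whether server replies are being dropped.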


