Re: DHCP config

From: Gary Duncanson (gary.duncanson@googlemail.com)
Date: Tue Sep 25 2007 - 11:26:07 ART

• Next message: Cecil Wilson: "RE: iewb v4.1 lab 9 task 7.1 FRTS"
• Previous message: pankaj ahuja: "Re: SSL VPN Client -? clientless VPN or not?"
• Maybe in reply to: nicky noname: "DHCP config"
• Next in thread: Ben: "Re: DHCP config"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Rich,

Other than the cisco.com link to DHCP and arp authorised..

Chapter 21 Security in Odom covers features such as Dynamic ARP inspection
(DAI), DHCP Snooping and IP Source Guard. Combinations of these features
should offer lots of scope for secure arp.

HTH
Gary
----- Original Message -----
From: "Rich Collins" <nilsi2002@gmail.com>
To: "nicky noname" <cisco2study@gmail.com>
Cc: "Cisco certification" <ccielab@groupstudy.com>
Sent: Tuesday, September 25, 2007 2:25 PM
Subject: Re: DHCP config

> Well I believe in general if you don't specify database then all bindings
> are stored locally (whether secure or not). I am interested in hearing
> more
> about working with secure arp though.
>
> On 9/24/07, nicky noname <cisco2study@gmail.com> wrote:
>>
>> thanks rich... I haven't seen...I will try it out. I guess this is what
>> would be required, if you are not explicitlt told of a place to store the
>> database.
>>
>> nic
>>
>> On 9/24/07, Rich Collins <nilsi2002@gmail.com> wrote:
>> >
>> > If you want to do it locally isn't it enough to add this under the dhcp
>> > pool?
>> > ip dhcp pool MYNET
>> > ....
>> > update arp
>> > ...
>> >
>> > I think I read it somewhere that you need a corresponding
>> >
>> > arp authorized under the 'interface'.
>> >
>> > Rich
>> >
>> >
>> >
>> >
>> >
>> > On 9/24/07, nicky noname < cisco2study@gmail.com> wrote:
>> >
>> > > Hello,
>> > >
>> > > I am playing around with the IOS DHCP settings and i want to provide
>> > > DHCP
>> > > services to secure arp requests only.
>> > >
>> > > I though this was done by the command
>> > >
>> > > ip dhcp database XXXX
>> > >
>> > > Is this the only manner. I was hoping you could configure it locally.
>> > > This
>> > > command is looking for a specified URL.
>> > > I have read through doc cd...it's not great for this.
>> > >
>> > > regards
>> > > nic
>> > >
>> > > _______________________________________________________________________
>> > >
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Cecil Wilson: "RE: iewb v4.1 lab 9 task 7.1 FRTS"
• Previous message: pankaj ahuja: "Re: SSL VPN Client -? clientless VPN or not?"
• Maybe in reply to: nicky noname: "DHCP config"
• Next in thread: Ben: "Re: DHCP config"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:15 ART