Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
Product and Software: This article applies to all Aruba controllers and ArubaOS versions.
The deny UDP 68 ACL (the default) prevents DHCP replies on a wireless network from wireless users from acting as a DHCP server.
If we deny UDP port 68, then what are we doing when we permit DHCP in the policy right after the deny UDP 68?
Example
ip access-list session controluser any udp 68 denyany any svc-dhcp permit
The 'any any svc-dhcp permit' allows the udp 68 from a DHCP server to be sent to the client because the first statement is an 'any' instead of a 'user'.
If you had an 'any any udp 68' deny, then the client would never get an IP address because the traffic is blocked bidirectional.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.