Occasional Contributor II

Blocking bootp

We are looking at blocking bootp using a service acl then assigning to the authenicated and guest user roles.  When creating the policy under Security/Access Control/polices I used session as the policy type I see svc-dhcp udp67-68 and svc-bootp udp 67-69.  I choose svc-bootp in order to block bootp.  Is this correct/recommended way to block bootp and how does the controller differentiate DHCP from bootp?  Does this affect DHCP in any way?






William Cummings
NC State University
Guru Elite

Re: Blocking bootp

I don't know what the difference is, but the logon-control ACL uses:


user    any                      udp 68                 deny


Which works in most situations to prevent clients from answering to DHCP requests.  It might work for bootp.  You should try it.

Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: