Security

Reply
Occasional Contributor II
Posts: 13
Registered: ‎05-12-2016

Blocking bootp

We are looking at blocking bootp using a service acl then assigning to the authenicated and guest user roles.  When creating the policy under Security/Access Control/polices I used session as the policy type I see svc-dhcp udp67-68 and svc-bootp udp 67-69.  I choose svc-bootp in order to block bootp.  Is this correct/recommended way to block bootp and how does the controller differentiate DHCP from bootp?  Does this affect DHCP in any way?

 

 

 

 

 

William Cummings
NC State University
Guru Elite
Posts: 21,517
Registered: ‎03-29-2007

Re: Blocking bootp

I don't know what the difference is, but the logon-control ACL uses:

 

user    any                      udp 68                 deny

 

Which works in most situations to prevent clients from answering to DHCP requests.  It might work for bootp.  You should try it.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: