02-06-2017 10:58 AM
We are looking at blocking bootp using a service acl then assigning to the authenicated and guest user roles. When creating the policy under Security/Access Control/polices I used session as the policy type I see svc-dhcp udp67-68 and svc-bootp udp 67-69. I choose svc-bootp in order to block bootp. Is this correct/recommended way to block bootp and how does the controller differentiate DHCP from bootp? Does this affect DHCP in any way?
NC State University
Solved! Go to Solution.
02-06-2017 01:41 PM
I don't know what the difference is, but the logon-control ACL uses:
user any udp 68 deny
Which works in most situations to prevent clients from answering to DHCP requests. It might work for bootp. You should try it.
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.