Security

Reply
Occasional Contributor II

Blocking bootp

We are looking at blocking bootp using a service acl then assigning to the authenicated and guest user roles.  When creating the policy under Security/Access Control/polices I used session as the policy type I see svc-dhcp udp67-68 and svc-bootp udp 67-69.  I choose svc-bootp in order to block bootp.  Is this correct/recommended way to block bootp and how does the controller differentiate DHCP from bootp?  Does this affect DHCP in any way?

 

 

 

 

 

William Cummings
NC State University
Guru Elite

Re: Blocking bootp

I don't know what the difference is, but the logon-control ACL uses:

 

user    any                      udp 68                 deny

 

Which works in most situations to prevent clients from answering to DHCP requests.  It might work for bootp.  You should try it.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: