08-22-2013 07:54 AM - edited 08-22-2013 07:54 AM
So I probably am missing something easy here, but we have several 93H access points deployed in our network and it appears a user plugged a home router incorrectly into the 4-port switch, causing a rogue DHCP to appear on the network. I applied a security policy:
user to [network affected] with svc-dhcp deny
Is there a more effective way to block these DHCP requests or am I going down the correct path?
08-22-2013 08:37 AM
Here is the ACL:
user any udp 68 deny
Make sure your port is untrusted and make sure the initial role in the AAA profile attached to that wired port has that ACL at the top.
Aruba Customer Engineering
08-23-2013 01:59 AM
The reason cjoseph's answer is better than using the svc-dhcp option is that svc-dhcp blocks both UDP 67 and UDP 68.
You only want to block UDP 68. This way you allow DHCP discovery from users but not DHCP offers. You want the users to be able to obtain an IP ;)
The more effective way than what cjoseph describes would be to walk over to the user and confiscate his home router :P
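An added illustration, not part of any post in this thread: a small Python model of the two ACLs discussed above, showing which DHCP messages arriving from the user side each one drops. It assumes the service in a `user any ...` rule matches the UDP destination port and that `svc-dhcp` covers UDP 67-68 (as stated in the reply above); the packet list is constructed sample traffic.

```python
from dataclasses import dataclass

DHCP_SERVER_PORT = 67  # clients send DISCOVER/REQUEST to this destination port
DHCP_CLIENT_PORT = 68  # servers send OFFER/ACK to this destination port

@dataclass(frozen=True)
class Packet:
    name: str
    proto: str
    dst_port: int

@dataclass(frozen=True)
class Rule:
    """Models one 'user any <service> <action>' line (service = UDP dst-port range)."""
    proto: str
    ports: range
    action: str

# Assumption for this model: svc-dhcp spans udp 67-68, as the thread describes.
SVC_DHCP_DENY = [Rule("udp", range(67, 69), "deny")]
UDP_68_DENY = [Rule("udp", range(68, 69), "deny")]

def evaluate(acl, pkt, default="permit"):
    """First matching rule wins; 'default' stands in for the rest of the role."""
    for rule in acl:
        if rule.proto == pkt.proto and pkt.dst_port in rule.ports:
            return rule.action
    return default

# Constructed sample traffic entering the untrusted wired port (source = user).
USER_TRAFFIC = [
    Packet("DHCPDISCOVER from laptop", "udp", DHCP_SERVER_PORT),
    Packet("DHCPREQUEST from laptop", "udp", DHCP_SERVER_PORT),
    Packet("DHCPOFFER from home router", "udp", DHCP_CLIENT_PORT),
    Packet("DHCPACK from home router", "udp", DHCP_CLIENT_PORT),
    Packet("DNS query from laptop", "udp", 53),
]

def verdicts(acl):
    """Map each sample packet name to the action the ACL applies to it."""
    return {p.name: evaluate(acl, p) for p in USER_TRAFFIC}

if __name__ == "__main__":
    for label, acl in (("svc-dhcp deny", SVC_DHCP_DENY), ("udp 68 deny", UDP_68_DENY)):
        print(label)
        for name, action in verdicts(acl).items():
            print(f"  {action:6} {name}")
```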
08-23-2013 07:58 AM
That is in the works - but it is a new deployment and until everything is fully set up we are being a little nice. Things will be harder for them once they have to authenticate on the wire too...