05-30-2014 10:35 AM
i was just set up a wireless network for a school use aruba 7xxx series. the deploy model is master/local. the clients get ip from external dhcp server .
now, i meet a problem is,here someone is pretend a dhcp server in the network, i think it is a dhcp attack. is there any setting need to enable on controller to avoid this case happen?
many thanks everyone give me some advices
Solved! Go to Solution.
05-30-2014 10:57 AM - edited 05-30-2014 10:58 AM
05-30-2014 11:10 AM
very appreciated...very helpful idea...but is there a way for mitigate man in middle attack? i mean that if some one pretend the gateway ip address, he will ruin the whole network...any setting on the controller ?
05-30-2014 11:13 AM - edited 05-30-2014 11:18 AM
There are two things you can do:
1) Enable "Enforce DHCP" in your AAA profile. This will stop a user from entering the user table if they did not receive their address via DHCP
2) Add your gateway addresses to the validuser ACL.