03-24-2015 12:38 AM
On the wireless you put a rule in like this.
user any udp 68 deny
any any svc-dhcp permit
If my post is helpful please give kudos, or mark as solved if it answers your post.
ACCP, ACMP, ACMX #294
03-24-2015 03:01 AM
And for the wired part - make sure that the VLAN you would like to protect on is passing trough your controller.
and assign ACL role to that VLAN , it will do the trick . (user > any > udp 68 deny>) ... dont forget it will make your VLAN not trusted , so you will need to build a full ACL with allowed services.
*You may also create an ACL to a spesefic PORT*
read here more info:
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
03-24-2015 03:43 AM
If you look at "logon-control" inbuild policy in Aruba box, first line is to stop DHCP server traffic from the client. "User any UDP 68 deny" means any traffic from a wireless client with dest port as UDP 68 should be denied. hence if any client working as a rouge DHCP will be blocked.
For your ref :
Hope you got some more clarity on this.
[Is my post helped you ? Give Kudos :) ]