for a quick test you can just allow everyting and see if the clients get IP address. that way you rule out the DHCP piece of it.
But looking at the access-list, i think you should also add allow all as the last rule after your deny statement
You must allow DHCP to any ip addresses. A DHCP request is sent as a broadcast and not directly to the DHCP server.
At the end of each ACL is an implicit deny all entry. If necessary you should enable targets that should be reached.
It works. I leave photo here for reference.
Both ways below are work.
Visitors are able to get ips from dhcp server, unable to access intranet, able to access internet.
Hi, you can change the DNS line to the especif server if you want, the only one needed to any is the dhcp rule.
I hope this helps
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.