Occasional Contributor II

Blocking bootp

We are looking at blocking bootp using a service acl then assigning to the authenicated and guest user roles.  When creating the policy under Security/Access Control/polices I used session as the policy type I see svc-dhcp udp67-68 and svc-bootp udp 67-69.  I choose svc-bootp in order to block bootp.  Is this correct/recommended way to block bootp and how does the controller differentiate DHCP from bootp?  Does this affect DHCP in any way?






William Cummings
NC State University
Guru Elite

Re: Blocking bootp

I don't know what the difference is, but the logon-control ACL uses:


user    any                      udp 68                 deny


Which works in most situations to prevent clients from answering to DHCP requests.  It might work for bootp.  You should try it.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
Showing results for 
Search instead for 
Did you mean: