No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


FAQ-How Do I Defend Against Bogus DHCP Servers at the User Side

Publication Date:  2015-06-16 Views:  439 Downloads:  0
Issue Description
How Do I Defend Against Bogus DHCP Servers at the User Side?
If a bogus DHCP server is deployed on a customer network, STAs may obtain invalid IP addresses from the bogus DHCP server but not from the AC or authorized DHCP server.

To defend against bogus DHCP servers, disable the DHCP trusted port on an AP in service set view. A DHCP server sends three types of DHCP packets: Offer, ACK, and NACK. When the AP receives any of these DHCP messages from a user-side interface, it considers the sender as a bogus DHCP server. The AP then discards the messages and reports the event to the AC over the CAPWAP tunnel.