Configuring ports for dhcp snooping, Figure 198: configuring dhcp snooping on a vlan – Microsens MS453490M Management Guide User Manual

C

HAPTER

14

| Security Measures

DHCP Snooping

– 347 –

W

EB

I

NTERFACE

To configure global settings for DHCP Snooping:

1.

Click Security, IP Source Guard, DHCP Snooping.

2.

Select Configure VLAN from the Step list.

3.

Enable DHCP Snooping on any existing VLAN.

4.

Click Apply

Figure 198: Configuring DHCP Snooping on a VLAN

C

ONFIGURING

P

ORTS

FOR

DHCP S

NOOPING

Use the IP Service > DHCP > Snooping (Configure Interface) page to

configure switch ports as trusted or untrusted.

CLI R

EFERENCES

◆

"ip dhcp snooping trust" on page 666

C

OMMAND

U

SAGE

◆

A trusted interface is an interface that is configured to receive only

messages from within the network. An untrusted interface is an

interface that is configured to receive messages from outside the

network or fire wall.

◆

When DHCP snooping is enabled both globally and on a VLAN, DHCP

packet filtering will be performed on any untrusted ports within the

VLAN.

◆

When an untrusted port is changed to a trusted port, all the dynamic

DHCP snooping bindings associated with this port are removed.

◆

Set all ports connected to DHCP servers within the local network or fire

wall to trusted state. Set all other ports outside the local network or fire

wall to untrusted state.

P

ARAMETERS

These parameters are displayed:

◆

Trust Status – Enables or disables a port as trusted.

(Default: Disabled)