Chapter 12
| Security Measures
DHCP Snooping
– 350 –
â—† When the DHCP snooping is globally disabled, DHCP snooping can still be
configured for specific VLANs, but the changes will not take effect until DHCP
snooping is globally re-enabled.
â—† When DHCP snooping is globally enabled, and DHCP snooping is then disabled
on a VLAN, all dynamic bindings learned for this VLAN are removed from the
binding table.
Parameters
These parameters are displayed:
◆ VLAN – ID of a configured VLAN. (Range: 1-4094)
◆ DHCP Snooping Status – Enables or disables DHCP snooping for the selected
VLAN. When DHCP snooping is enabled globally on the switch, and enabled on
the specified VLAN, DHCP packet filtering will be performed on any untrusted
ports within the VLAN. (Default: Disabled)
Web Interface
To configure global settings for DHCP Snooping:
1. Click IP Service, DHCP, Snooping.
2. Select Configure VLAN from the Step list.
3. Enable DHCP Snooping on any existing VLAN.
4. Click Apply
Figure 223: Configuring DHCP Snooping on a VLAN
Configuring Ports for
DHCP Snooping
Use the IP Service > DHCP > Snooping (Configure Interface) page to configure
switch ports as trusted or untrusted.
Command Usage
â—† A trusted interface is an interface that is configured to receive only messages
from within the network. An untrusted interface is an interface that is
configured to receive messages from outside the network or fire wall.
To Next Page
Loading...
Need help?
General
