Client Security
3-93
CLI – This example enables DHCP Snooping Information Option, and sets the policy
as replace
.
DHCP Snooping Port Configuration
Configures switch ports as trusted or untrusted. An untrusted interface is an
interface that is configured to receive messages from outside the network or firewall.
A trusted interface is an interface that is configured to receive only messages from
within the network.
Command Usage
• Set all ports connected to DHCP servers within the local network or firewall to
trusted state.
• Set all other ports outside the local network or firewall to untrusted state.
Command Attributes
Trust Status – Enables or disables port as trusted. (Default: Disabled)
Web – Click DHCP Snooping, Information Option Configuration.
Figure 3-49 DHCP Snooping Port Configuration
Console(config)#ip dhcp snooping information option 4-120
Console(config)#ip dhcp snooping information policy replace 4-121
Console(config)#exit
Console#show ip dhcp snooping
Global DHCP Snooping status: disable
DHCP Snooping Information Option Status: disable
DHCP Snooping Information Policy: replace
DHCP Snooping is configured on the following VLANs:
Verify Source Mac-Address: enable
Interface Trusted
---------- ----------
Eth 1/1 No
Eth 1/2 No
Eth 1/3 No
.
.
.
To Next Page
Loading...
