Configuration Guide DHCP Relay Configuration
Ruijie(config-ext-nacl)# permit ip any host 192.168.3.1 //Packet that can
be sent to the gateway
Ruijie(config-ext-nacl)# permit ip any host 192.168.4.1
Ruijie(config-ext-nacl)# permit ip any host 192.168.5.1
Ruijie(config-ext-nacl)# permit ip host 192.168.3.1 any
//Permit the packets whose source IP address is the gateway.
Ruijie(config-ext-nacl)# permit ip host 192.168.4.1 any
Ruijie(config-ext-nacl)# permit ip host 192.168.5.1 any
Ruijie(config-ext-nacl)# deny ip 192.168.3.0 0.0.0.255 192.168.3.0 0.0.0.255
//Prohibit unauthorized users from accessing each other
Ruijie(config-ext-nacl)# deny ip 192.168.3.0 0.0.0.255 192.168.4.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.3.0 0.0.0.255 192.168.5.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.4.0 0.0.0.255 192.168.4.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.4.0 0.0.0.255 192.168.5.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.5.0 0.0.0.255 192.168.5.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.5.0 0.0.0.255 192.168.3.0
0.0.0.255
Ruijie(config-ext-nacl)# deny ip 192.168.5.0 0.0.0.255 192.168.4.0
0.0.0.255
Ruijie(config-ext-nacl)# exit
Then, apply the command to the global interfaces using the ip dhcp relay
information option dot1x access-group DenyAccessEachOtherOfUnauthrize
command.
To configure DHCP option dot1x access-group, execute the following
commands in the global configuration mode:
Configuring DHCP option 82
When the ip dhcp relay information option82 command is configured, the
device adds option in the format as described in Understanding DHCP Relay
Agent Information to the DHCP server during DHCP relay.
To Next Page
Loading...
