none
DHCP filter issue RRS feed

  • Question

  • Hi frnds,

    My major requirement is guset usres are not allowed to my dhcp network via both DHCP and STATIC

    I configured the DHCP in my POC.

    I tested in DHCP its working.(guest are blocked) in dhcp filtering policy.

    But i put the static ip means its working.(GUEST)

    kindly give the possible solution.

    Tuesday, June 5, 2018 8:58 AM

All replies

  • Hi,

    Thanks for your question.

    Please try the following suggestions to see if it could be of help.

     

    If you set a static IP address for the client, the DHCP server loses its role and the filter does not take effect.

    So to avoid this situation, you need to disable the allocation of static IP addresses.

    Another method is to enableDHCP reservation.

    A DHCP reservation is a permanent IP address assignment. It is a specific IP address within a DHCP scope that is permanently reserved for leased use to a specific DHCP client.

    Refer to the following link:

    http://www.tech-faq.com/dhcp-reservation.html

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

     

    By the way, third-party routers/switches may support IP address policies, and you can configure these devices to achieve the purpose.

     

     

    Hope you have a nice day!

     

    Best regards,

    Travis 


    Please remember to <b>mark the replies as an answers</b> if they help.<br/> If you have feedback for TechNet Subscriber Support, contact <a href="mailto:tnmff@microsoft.com"> tnmff@microsoft.com</a>


    Wednesday, June 6, 2018 7:42 AM
    Moderator
  • Thanks for your reply.

    If i reserve the IP with a mac within the DHCP its working.

    The particular client is shutdown that the time i put that ip in other guest system(STATIC & without domain) the ip is resolved.

    I don't want to allow the guest with in my network.

    Give me a possible solution.

    regards,

    Ramkumar U  


    Thursday, June 7, 2018 7:45 AM
  • For your questions, I will give you following recommendations. Hope helpful to you:

    • Access Permission of NPS: This setting allows you to configure the policy to either grant or deny access to users if the conditions and constraints of the network policy are matched by the connection request.

    For your reference: Access Permission

    https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-np-access

    • preventing access from computers which have been assigned manual IPs (or non-matching MACs) can be done with 802.1x. But you need to configure IEEE 802.1x port-based authentication on the switches firstly.

    You may refer to the following links for details:

    https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/sw8021x.html

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information. Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information. 

    Regards,

    Travis



    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Friday, June 8, 2018 6:52 AM
    Moderator
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, June 22, 2018 9:42 AM
    Moderator