[c-nsp] preventing unwanted devices on the network
Dan Letkeman
danletkeman at gmail.com
Sat May 31 17:30:48 EDT 2008
Hello,
I'm looking for the best way to prevent unwanted wireless routers or
other unwanted bridging devices on a network. For example a wireless
router with the wan port plugged in to the network or a router in
bridging mode with dhcp off.
>From other posts I have read about using dhcp snooping. I'm wondering
if it works when someone plugs in a router into a switch because the
"wan" port will only request an address, the dhcp will be on the
routers "lan" side.
Also I would like to prevent unwanted static ip addresses on this
network as well. My current setup is a 3560 switch which has multiple
2960 switches connected to it. I would like to prevent this type of
traffic right at the edge ports. Would an access list be the
appropriate way to protect this? Unfortunately port security will not
work for us.
Thanks,
Dan.
More information about the cisco-nsp
mailing list