[c-nsp] DHCP Isolation
Jeremy Bresley
brez at brezworks.com
Thu Feb 16 18:52:43 EST 2012
On 2/16/2012 3:27 PM, Rich Trinkle wrote:
> I have a DHCP pool setup on a 7206 and then trunk that vlan to a 3750 that feeds out to multiple sites/pc's. For those pc's that are not sitting behind a router at the remote location, they are able to do a network scan and pick up all other devices that are on this same subnet (DHCP pool) that are also directly plugged in with no router. My question is this.
>
> How do I create isolation in that DHCP subnet/vlan so no one device and see another device within the same pool? Thank you in advance.
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_58_se/configuration/guide/swpvlan.html
Private VLANs should allow you to do exactly this. Each downstream port
would go in an isolated VLAN, the port facing the 7206 would be your
promiscuous port.
Jeremy "TheBrez" Bresley
More information about the cisco-nsp
mailing list