DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network.
This article explains how to add trusted interfaces on SFE/SGE Managed Switches.
• SFE/SGE Series Switches
• v3.0.2.0
Step 1. Log in to the web configuration utility and choose Security Suite > DHCP Snooping > Properties. The Properties page opens:
Step 2. In the Enable DHCP Snooping field, check the Enable DHCP Snooping check box to enable the DHCP snooping on the device.
Step 3. Click Apply.
Caution: This only saves your configuration to the running configuration file. This means any changes made will be lost if the device is rebooted. If you wish to save these changes even after a system reboot, you need to copy the running configuration file to the startup configuration file. See Copy Configuration File on SFE/SGE Series Managed Switches for more information on how to do this.
Step 1. Log into the web configuration utility and choose Security Suite > DHCP Snooping > Trusted Interface. The Trusted Interfaces page opens:
Step 2. Click the Edit button. The Edit Trusted Interfaces page opens:
Step 3. To select an interface click either Port or LAG radio button. Click Port if you want apply bandwidth settings on particular port. Click LAG (Link Aggregation) if you want to add a bundle of a few or all individual ports. Then choose a particular value from the drop-down list next to it
Step 4. From the Trust Status drop-down list choose Enable.
Step 5. Click Apply to confirm these settings.
Caution: This only saves your configuration to the running configuration file. This means any changes made will be lost if the device is rebooted. If you wish to save these changes even after a system reboot, you need to copy the running configuration file to the startup configuration file. See Copy Configuration File on SFE/SGE Series Managed Switches for more information on how to do this.