Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Dynamic Host Configuration Protocol (DHCP) Snooping Trusted Interface Settings on SFE/SGE Managed Switches

Available Languages

Download Options

  • PDF     (195.5 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (243.8 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (131.7 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:April 7, 2017
Document ID:SMB3679
Dynamic Host Configuration Protocol (DHCP) Snooping Trusted Interface Settings on SFE/SGE Managed Switches

Objective

DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network.

This article explains how to add trusted interfaces on SFE/SGE Managed Switches.

Applicable Devices

• SFE/SGE Series Switches

Software Version

• v3.0.2.0

Enable DHCP Snooping

Step 1. Log in to the web configuration utility and choose Security Suite > DHCP Snooping > PropertiesThe Properties page opens:

Step 2. In the Enable DHCP Snooping field, check the Enable DHCP Snooping check box to enable the DHCP snooping on the device.

Step 3. Click Apply.

Caution: This only saves your configuration to the running configuration file. This means any changes made will be lost if the device is rebooted. If you wish to save these changes even after a system reboot, you need to copy the running configuration file to the startup configuration file. See Copy Configuration File on SFE/SGE Series Managed Switches for more information on how to do this.

Trusted Interface

Step 1. Log into the web configuration utility and choose Security Suite > DHCP Snooping > Trusted Interface. The Trusted Interfaces page opens:

Step 2. Click the Edit button. The Edit Trusted Interfaces page opens:

Step 3. To select an interface click either Port or LAG radio button. Click Port if you want apply bandwidth settings on particular port. Click LAG (Link Aggregation) if you want to add a bundle of a few or all individual ports. Then choose a particular value from the drop-down list next to it

Step 4. From the Trust Status drop-down list choose Enable.

Step 5. Click Apply to confirm these settings.

Caution: This only saves your configuration to the running configuration file. This means any changes made will be lost if the device is rebooted. If you wish to save these changes even after a system reboot, you need to copy the running configuration file to the startup configuration file. See Copy Configuration File on SFE/SGE Series Managed Switches for more information on how to do this.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

Related Cisco Community Discussions

This Document Applies to These Products

About Us
Contact Us
Work with Us