Hi all.
I have one base station (rb433 ros328) where 10 users are registered.
all the users have the cpe (rb411 ros328) configured to receive a dhcp address from the wlan1 of BS (for administrative purpose)
One user have the cpe configured as station-pseudobride, in which the bridge link the eth1 and wlan1.
This user in wlan1 have a linksys router which give dhcp addresses in the lan.
For a mistake the user attached the eth cable of the cpe to the eth socket of the linksys (where dhcp is enabled).
As a result other users get a provate ip address from this dhcp.
The question: how can I disable this ? Could I intervent in the CPE or in the bs ?
thanks janisk.
in my case, the dhcp in the BS is not configured. I must avoid that dhacp servers of my users can propagate to the other users.
Do you think I must insert a filter in all the cpe ?
Yes. If you’re not running a DHCP server and want to block other DHCP servers, you will have to block them via firewall rules.
Really, if you want to be the authoritative server you should still block other DHCP servers wherever possible (firewalls, switch ACLs, AP ACLs). Client behavior differs, but many clients simply talk to the first server that replies. If that rogue server is closer to the client than you are, it will probably get there first.