Dhcp snooping – Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

814

Brocade Mobility Access Point System Reference Guide

53-1003100-01

13

DHCP Snooping

Firewall

When DHCP servers are allocating IP addresses to clients on the LAN, DHCP snooping can be
configured to better enforce the security on the LAN to allow only clients with specific IP/MAC
addresses.

1. Select the Statistics menu from the Web UI.

2. Select System from the navigation pane (on the left-hand side of the screen). Expand a RF

Domain and select one of its connected access points.

3. Select Firewall and expand the menu to reveal its sub menu items.

4. Select DHCP Snooping.

FIGURE 79

Access Point - Firewall DHCP Snooping screen

The DHCP Snooping screen displays the following:

Forward Source Port

Displays the source port for the forward NAT flow (contains ICMP ID if it is an ICMP flow).

Forward Dest IP

Displays the destination IP address for the forward NAT flow.

Forward Dest Port

Destination port for the forward NAT flow (contains ICMP ID if it is an ICMP flow).

Reverse Source IP

Displays the source IP address for the reverse NAT flow.

Reverse Source Port

Displays the source port for the reverse NAT flow (contains ICMP ID if it is an ICMP flow).

Reverse Dest IP

Displays the destination IP address for the reverse NAT flow.

Reverse Dest Port

Displays the destination port for the reverse NAT flow (contains ICMP ID if it is an ICMP flow).

Refresh

Select the Refresh button to update the screen’s statistics counters to their latest values.

MAC Address

Displays the MAC address of the client requesting DHCP resources from the controller or
service platform.

Node Type

Displays the NetBios node from which IP addresses can be issued to client requests on this
interface.