Enabling a Trusted DHCP Server (CLI Procedure)
You can configure any interface on the EX Series switch that connects to a DHCP server as a trusted interface (port). Configuring a DHCP server on a trusted interface protects against rogue DHCP servers sending leases.
You configure a trusted DHCP server on an interface, not on a VLAN. By default, all access interfaces are untrusted and all trunk interfaces are trusted.
To configure a trusted interface for a DHCP server by using the CLI (here, the interface is ge-0/0/8):
[edit ethernet-switching-options secure-access port]
user@switch# set interface ge–0/0/8 dhcp-trusted Related Topics
- Enabling a Trusted DHCP Server (J-Web Procedure)
- Example: Configuring Port Security, with DHCP Snooping, DAI, MAC Limiting, and MAC Move Limiting, on an EX Series Switch
- Example: Configuring a DHCP Server Interface as Untrusted to Protect the Switch from Rogue DHCP Server Attacks
- Verifying That a Trusted DHCP Server Is Working Correctly
- Monitoring Port Security
- Understanding Trusted DHCP Servers for Port Security on EX Series Switches
