Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.

  • 1.  SRX DHCP - Filter by MAC address

    Posted 02-22-2018 23:34

    SRX 240 is set to lease DHCP addresses.

    Is there a setting that if the MAC address is not found on the list then don't lease an IP address?

     

    Thank you.



  • 2.  RE: SRX DHCP - Filter by MAC address

     


  • 3.  RE: SRX DHCP - Filter by MAC address
    Best Answer

     
    Posted 02-23-2018 00:16

    JJJCR,

     

    Or you could also filter the MAC at the interface by allowing all/only known MAC.

    So allow only the known MAC(s) and rest all should be filtered.

     

     

    lab@SRX240# set ethernet-switching-options secure-access-port interface ge-0/0/2 ?
    Possible completions:
    + allowed-mac Allowed MAC address on this interface
    + apply-groups Groups from which to inherit configuration data
    + apply-groups-except Don't inherit configuration data from these groups
    > mac-limit Number of MAC addresses allowed on this interface
    persistent-learning Enable persistent MAC learning on this interface
    [edit]

     

    [edit ethernet-switching-options secure-access-port]

    >set interface ge–0/0/2 allowed-mac xx:xx:xx:xx:xx:xx

    >set interface ge–0/0/2 allowed-mac yy:yy:yy:yy:yy:yy
    > set interface ge–0/0/2 allowed-mac zz:zz:zz:zz:zz:zz

     

     

     



  • 4.  RE: SRX DHCP - Filter by MAC address

    Posted 02-25-2018 22:49

    Thanks, Karan. I guess setting the MAC statically should be okay.

    Of course, the only issue is new devices has to be enrolled manually.