Blocking DHCP port
Is there a way that I can disallow newly connected WIFI devices from obtaining an IP address from my DHCP server?
Currently have the QUARANTINE group feature enabled; hence, all inbound/outbound network traffic is blocked until I release the device from QUARANTINE group. However, my Firewalla discovers several devices and place them in QUARANTINE group, but when I try to figure out the origin of these devices, I cannot find them on my list of devices.
Please advise...
-
The problem that I have is I have unknown devices are connected to my WIFI network. The firewall is doing a good job of blocking them from access local network and Internet. However, it does not block new devices from obtaining an IP address from my DHCP server (which is a Windows Server).
I believe that I should be able to create a group and members of this group cannot obtain an IP address from DHCP server. I tried several things, including create a rule which prevent all traffic to/from the DHCP server but it does not work.
-
I have the same request. I'd like to block my wifi satellites from obtaining a DHCP address from Firewalla - I've been fighting the DHCP between the Google Wifi and Firewalla. This would be an exceptional bit of functionality.
Note: My devices have a static MAC address so this should be more straight forward.
-
Yes, block firewalla from issuing an IP Address. Currently, my Google Wifi access points (not the main one that is hard wired) is getting an IP address from Firewalla - I want my Google Wifi access points (to get their IP from the Google Router (Main access point that is wired).
NOTE: Per your instructions on using Google Wifi Mesh with Firewall Purple - I setup a switch VLAN on my managed switch, lowered the DHCP IP Range to limit it to assign only my Wifi access points and one of them is still getting the Firewalla DHCP. It's a cat and mouse process to shut off all wireless devices to only allow the Wifi access points to get the Google DHCP address so I'm hoping Firewall can block any DHCP assignments by MAC Address. Hope that makes sense.
Please sign in to leave a comment.
Comments
12 comments