Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Super Contributor
Posts: 296
Registered: ‎10-11-2013
Accepted Solution

15.0.2.1 VLAN + Protocol Filtering

[ Edited ]

I have a fairly simple setup for a multi-site business customer. A 450 AP at a central site. The main office is on the ethernet side of this AP on a VLAN-aware switch. Then two remote offices behind SMs. Default management VLAN ID 1 on everything. SM Management VID pass-through is disabled so they don't see the rest of our normal traffic. Default Port VID 50 on the SMs. Port VID 50 on the switch port to the main office. This all works fine.

 

One of the offices is unmanned most of the time and I got a message that the rest of the network is seeing two DHCP servers. After looking at it for a few minutes, I can see that this remote unmanned office has a Linksys router plugged into the network backwards. So they were probably just trying to set up a wifi AP and plugged it into a LAN port on the Linksys.

 

I figured no problem, I'll just enable the BootP Server filter on that SM. I did that and it is simply not filtering it. The counter for that filter on that SM is sitting at zero and it's obviously still making it back into their network.

 

So my question is, do the filters not apply to VLAN traffic? That's what it looks like anyway.

Super Contributor
Posts: 296
Registered: ‎10-11-2013

Re: 15.0.2.1 VLAN + Protocol Filtering

I'm an idiot. The upstream direction wasn't enabled. It used to be enabled by default at some point in the past which is why I overlooked that. Oh well.