Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

How to deny a lease based on a filter applied to a network container?

Expert
Posts: 69
5473     0

We have Avaya IP phones for which we use LLDP in a Cisco switch to provide the voice VLAN ID to the phone.  Unfortunately, when the phones boot up, they first try DHCP on the data VLAN (untagged).  We need to deny offering a lease if the requesting device is a phone.  Once LLDP succeeds, the phones will try DHCP on the voice VLAN, succeed, and go on from there.

 

We've defined an IPv4 filter based on the existing fingerprint for "Avaya IP phone".  So far, so good.

We can apply that filter, with an action of "deny lease" to one or more DHCP data subnet scopes and it works as desired.

 

We have not found a way to apply it to existing network containers.  In IPAM, when editing a container, IPv4 Filters offers the Logic Filter List.  The only filters that are available are class-based ones.

 

What are we missing?  Or is there a better approach?

 

TIA

Showing results for 
Search instead for 
Did you mean: 

Recommended for You