UniFi DHCP Guarding - How-to block rogue DHCP servers on your network

DHCP guarding is an often-overlooked layer of network security. It tells your switch to watch broadcast traffic for DHCP, and if the devices handing out DHCP aren't the specified DHCP server(s), it kills that traffic and doesn't allow unauthorized DHCP servers to operate. Other vendors implement this protection and may call it something different. It's quick and easy to set up on UniFi. If you want to see this setup on other vendors, please let me know below!


Contact us for network consulting and best practices deployment today! We support all Grandstream, Synology, DrayTek, Obihai, Poly, Ubiquiti, MikroTik, Extreme, Palo Alto, and more!

Come back for the next video!
Twitter - @WillieHowe
TikTok - @whowe82

SUBSCRIBE! THUMBS-UP! Comment and Share!
Comments

Great video. At our church UniFi periodically informs me of a duplicate IP address on our network. I have had no luck tracking down the rogue DHCP server. I'll be turning this on and presumably the rogue device will stop working and we will discover what it is and where it is lol.

JeanPierreWhite

This is great. Would love one on the EDGE series too!

michaeldrankin

Would have loved to see some tries from another DHCP server trying to be its server

jakobholzner

Would like to hear your explanation of how DNS Shield works too.

smmaslanik

Perfect timing. I am having issues with DHCP Guarding not working. I can see you have DHCP Snooping enabled (which I don't), is that a requirement?

Sjokoz

Yeah buddy! Juniper switches come with DHCP guard enabled by default and all access ports are non-trusted unless you specifically set them to trust the DHCP server. Can cause headaches if you don’t know, but DHCP guard is great to keep in place.

mtnsolutions

Yessss this is one of my favorite features because a couple of offices were crippled after somebody brought in Pitney Bowes postage meters that included nano routers by TP-Link and these nano routers FORCED DHCP server to on in order to be DHCP CLIENTS like Wtf. Since then I have been adamant about using DHCP guarding, snooping, inspection etc. but UniFi's solution is bar none the easiest.

Wahinies

Does this protect against ARP spoofing? What about dynamic ARP inspection?

jacksoncremean

When you said switch did you mean router (i.e. UDM)?

Moonraker

DHCP Guarding is turned on on my default network but I have two VLANs that multicast two internally originated video feeds to two monitors. Do those VLAN networks need to have guarding on, and if so, is the IP address of the DHCP server the same as on the default network?

davesilver

Whenever I turn on DHCP guarding I get multiple devices using the same IP.

PabloTBrave

Can't get it to work. I connected an Asus router to the LAN port of my UDR. Then I accessed the WiFi on the Asus router and I connected and got an IP address. I have chosen DHCP Guarding for that network and also specified the UDR gateway address for that network as my DHCP server.

peralm

Can this be done with Meraki firewall?

awprescott