Home > User Interface > Configuration > Network Configuration > Networks > Network Settings
|
Menu path: Configuration > Network Configuration > Network Settings.
The Network Settings page is an element of the Network Configuration page. The settings here control DHCP monitoring.
A3 can locate a device on the network even if a port is not managed by A3. To use this feature all the devices must be added in A3 and enable SNMP read on the device and A3 sides. DHCP option 82 in enabled using the field below. When enabled, A3 will query devices via create a map of MAC address to device. A3 parses the DHCP Option 82 values and will use the map to resolve the MAC to the device and will update the location of the device shown in the Clients page.
The fields on the page are:
| Field | Usage | Example |
|---|---|---|
| DHCP Detector | If enabled, A3 will monitor DHCP-specific items such as rogue DHCP services, DHCP-based OS fingerprinting, computer name and hostname resolution, and (optionally) option-82 location-based information. The monitored DHCP packets are DHCPDISCOVERs and DHCPREQUESTs - both are broadcasts; a span port is not necessary. This feature is highly recommended if the internal network is DHCP-based. |
|
| DHCP Detector Rate Limiting | Rate-limit DHCP packets that contain the same information. For example, a DHCPREQUEST for the same MAC/IP will only be processed one time in the time frame configured. This is independent of the DHCP server/relay handling of the packet and is only based on the IP, MAC address, and DHCP type inside the packet. A value of 0 will disable rate limiting. | 5 seconds |
| Rogue DHCP Detection | If DHCP detector is enabled, A3 attempts to identify rogue DHCP servers and triggers a 1100010 security event if one is found. |
|
| Rogue Interval | If Rogue DHCPdetection is enabled, this parameter defines how often to email administrators. With its default setting of 10, it will email administrators the details of the previous 10 DHCP offers. | 10 |
| Detect Host Name Changes | If enabled, this setting will identify hostname changes and send an e-mail with these changes. This can help detect MAC spoofing. |
|
| Detect Changes in Connection Type | If enabled, this setting will identify if a device switches from wired to wireless or vice-versa, and then send an e-mail with these changes. This can help detect MAC spoofing. |
|
| DHCP Option 82 | If DHCP detector is enabled A3 will monitor DHCP Option 82 location-based information. Both pfdhcplistener and pfmon services must be restarted if this option is changed using Status > Services. |
|
| Process IPv6 DHCP Packets | If enabled, the pfdhcplistener service will process IPv6 DHCP packets. |
|
| Force Listener Update on DHCPACK | Iplog update and other DHCP-related task will only be performed on a DHCPACK operation. A UDP reflector must exist. This operation is implicitly activated on registration interfaces on which the DHCP server listens. |
|
| SNAT Interface | Select the interface(s) for which SNAT (Source Network Address Translation) is enabled for passthrough (by default, this is the management interface). |
Note
When advised to restart any A3 service, the administrative interface for each cluster member must be used individually to perform the operation. Perform the operation on each member one at a time, waiting for the service(s) to completely restart.Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.