How to Enable and Configure DHCP MAC Address Filtering
Introduction
DHCP MAC address filtering is a feature for IPv4 addresses that allows including and / or excluding devices as DHCP clients. This Wiki article shows how the filtering could be done and what can be expected from this feature.
How does DHCP MAC address filtering work?
DHCP MAC address filtering can be configured with one of the following options:
Option |
Explicit allow list |
Explicit deny list |
How it works |
1 |
ü |
X |
The DHCP server will provide IP leases only to devices configured in the explicit allow list |
2 |
X |
ü |
The DHCP server will provide IP leases to all devices except those configured in the explicit deny list |
3 |
ü |
ü |
The DHCP server will provide IP leases only to devices configured in the explicit allow list which do not belong to the explicit deny list |
How to enable the explicit allow or deny list?
To enable the explicit allow or deny list, you can proceed like the following:
- Using DHCP administrative tool go to Filters under IPv4 and then do a right click on Allow or Deny (Allow is for the explicit allow list while Deny is for the explicit deny list). Once done, click on Enable
How to configure the explicit allow or deny list?
To configure the explicit allow or deny list, you can proceed like the following:
- Using DHCP administrative tool go to Filters under IPv4 and then do a right click on Allow or Deny. Once done, click on New Filter…
- Specify the MAC address to allow/deny with a description then click on Add
Conclusion
DHCP MAC address filtering is a security feature that is very easy to configure in Microsoft environments. This feature can be used to provide a highly secure DHCP service that provides DHCP leases to only trusted devices. It can also be used to deny offering leases to untrusted ones.