Windows 10 block specific dhcp server ip in windows 10

moorthyragav

New Member
Joined
Mar 16, 2018
Linux versions have an option in dhclient.conf to block a DHCP server IP from offering an IP:
reject 192.168.56.0/24;
What is the equivalent option in the Windows 10 client DHCP configuration?
 
You'd need to create firewall rules to block the discover and offer packets, so UDP ports 67/68 to the subnet.
 
Hi Neemobeer,
Thanks for your quick response. I need to write firewall rules on the Windows machine.
Thanks
 
Anyone who could describe this a bit more precisely? I'm in an environment where a rogue DHCPd is handing out wrong IPs to my machine, so I want to block it so that the client(s) can get a hold of the real DHCPd instead. However, I don't know the IP of the DHCPd. So, how can I even achieve this? I mean, doesn't DHCPd run on Layer 2 or something like that? Over MAC addresses?
 
If you control the network, I'd just run an nmap scan against the entire segment and you should be able to ID the server handing out addresses and remove it, or if possible reconfigure the system. Another option, if you have a switch that supports it, is to enable DHCP snooping and configure it for the system or systems that should be handing out addresses.
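
An added example, not part of the original thread: the server's IP can be read from the offers themselves, since each DHCPOFFER carries the server identifier (option 54), the field dhclient's `reject` matches on. The sketch assumes you already have the UDP payloads of replies arriving on port 68 (for instance exported from a packet capture); `build_offer` only constructs sample packets and the addresses are made up.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def parse_offer(payload: bytes):
    """Return (offered_ip, server_id) if payload is a DHCPOFFER, else None."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC:
        return None  # not a BOOTREPLY carrying DHCP options
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:  # end option
            break
        if code == 0:  # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None  # truncated option header
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            return None  # truncated option value
        opts[code] = value
        i += 2 + length
    # option 53 = message type (2 is OFFER), option 54 = server identifier
    if opts.get(53) != b"\x02" or len(opts.get(54, b"")) != 4:
        return None
    return ipaddress.IPv4Address(payload[16:20]), ipaddress.IPv4Address(opts[54])

def is_rejected(server_id, reject_nets):
    """Same test as dhclient's `reject`: server identifier inside a listed subnet."""
    return any(server_id in ipaddress.ip_network(n) for n in reject_nets)

def build_offer(yiaddr: str, server_id: str, msg_type: int = 2) -> bytes:
    """Constructed sample packet, for demonstration only."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ipaddress.IPv4Address(yiaddr).packed,
                      bytes(4), bytes(4), bytes(16), bytes(64), bytes(128))
    return (hdr + MAGIC + bytes([53, 1, msg_type])
            + bytes([54, 4]) + ipaddress.IPv4Address(server_id).packed + b"\xff")

if __name__ == "__main__":
    reject = ["192.168.56.0/24"]  # subnet from the first post
    for pkt in (build_offer("192.168.56.101", "192.168.56.1"),
                build_offer("10.20.0.57", "10.20.0.1")):
        offered, server = parse_offer(pkt)
        print(server, "offers", offered, "REJECT" if is_rejected(server, reject) else "ok")
```
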
 
Thanks for your response @nemobeer!

Unfortunately, I don't control the network or the switch. In fact, it's (sort of) my ISP's RJ45 jack in my home environment. More precisely, they currently suffer an issue with a rogue DHCPd (200 customers affected), so I thought I'd try and make a temporary fix myself at home by somehow blocking that "bad" DHCPd on the net. DHCPd snooping on switch level is hence not an option. So this thing which was mentioned in the beginning of this ancient thread (about putting a block rule in Windows firewall) is not really feasible, correct?
 
Buy and install a s.c. "router" to be used at home.

It will have a firewall that hinders the replies from the rogue DNS. Just make sure that the router connects to the real DNS in its settings, and save. In that case, your own computers will use the router as their DNS server, and the router uses your ISP's DNS to forward any DNS requests to it.
 