Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1053 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable BOOTP Protocol

Tecnologias Imaginadas

Hi.

Since Firewall support BOOTP/DHCP simultaneos It's possible to disable BOOTP offers?



This thread was automatically locked due to age.
  • 0

    Do you mean disable it for the XG or stop it on the network? It appears that BOOTP and DHCP both use the same ports (TCP/UDP ports 67 and 68), but you should be able to make a firewall rule to only allow packets to ports 67 and 68 that are directed to your DHCP server -- which could be your XG or another machine.

    Then make sure your DHCP server doesn't also service BOOTP. Probably the default for other servers. For the XG I think you simply would not fill in the Boot Host name in the XG's settings (Network > DHCP > Boot Options > Next-Server) and leave the Boot File field empty. I don't see how the XG could service BOOTP with those two fields empty.

  • 0 in reply to Wayne Folta

    Hi.

    I want disable BOOTP protocol on Sophos XG. Sophos XG reply to DHCP/BOOTP, it's a good option disable BOOTP and leave only DHCP replys.

  • 0 in reply to Tecnologias Imaginadas

    It would be best security practice, I agree. But is it actually interfering with anything, like a BOOTP client on your network not being able to boot from your actual BOOTP machine server? If you have a BOOTP server you can put its address in the XG and the XG will reply with the proper BOOTP server, which is what you want.

Unfiltered HTML