In DHCP enforced network, IP is permitted if the IP connected through the SSID is given via DHCP; otherwise (if the IP is configured manually), the SSID blocks the IP. This helps to preserve wireless network from addressing conflict.

The following shows the understanding and demonstration of DHCP enforcement.

1) Configure SSID

SSID with DHCP service enabled is configured.

2) Enable DHCP Enforcement

SSID is then broadcasted and DHCP enforcement is enabled on SSID (vap) through CLI. By default, dhcp-address-enforcement is disable.

3) Managed AP

SSID is attached into the AP profile and the profile is then assigned to managed AP.

4) Internet access for wireless user

SSID interface to internet facing interface is configured for internet access.

5) IP manually assigned

IP is assigned manually to showcase the concept of DHCP enforcement.

Here, user is connected to WiFi. However, it has no internet access.

WiFi Event log then shows. IP has been discovered through ARP rather than DHCP. So access for wireless connectivity is blocked.

6) IP is assigned via DHCP

DHCP client is enabled. IP addresses are now assigned automatically.

User is now authorized with DHCP service enabled.

Following is the IP assigned dynamically.

WiFi Event shows the user assigned IP through DHCP packets.

On the DHCP lease list. User was assigned with IP of 99.99.99.99.2 by the DHCP server.

Internet access is granted to the DHCP users.