• Wireless Network Manager
• Getting Started with Wireless Network Manager
  • About Wireless Network Manager
  • Using the Wireless Network Manager Interface
  • Using Wireless Network Manager Guide
• Overview
  • Dashboard
  • Alerts
  • Threats
  • Logs
  • Audit
• Using Air Marshal
  • RF Survey
    • Discovered Aps
    • Discover and Report Unassociated Wireless Clients
  • RF Spectrum
  • RF Monitor
  • Packet Capture
    • Wireless
    • Ethernet
  • Bluetooth LE
• Managing Your Network
  • Network Hierarchy
  • Network Topology
  • Zones
  • Devices
    • Managing Access Points
      • Managing the Configuration of Access Points
        • General
          • Bridge Mode
          • NAT Mode
        • Radio
        • SSL VPN
          • Activating SSL VPN
          • Editing SSL-VPN
      • Upgrading the Firmware for Specific Access Points
      • SonicWave Diagnostics
        • Testing Connectivity With Your Gateway or DNS Addresses
        • Testing Connectivity With Ping, Traceroute, or NSLookup
    • Viewing the Wireless Client Journey
    • Port Settings
    • Managing Switches
    • Managing Switch Clients
• Managing Policies
  • Policy Hierarchy
    • Select an AP Policy
      • General
      • System
      • Radio
      • Mesh Network
      • Bluetooth
      • • Certificate
        • Others
      • RRM (Radio Resource Management)
      • WIDP
      • 802.1X
      • Port Setting
      • ALG
      • SNMP
      • Syslog
    • Select a Switch Policy
      • General
      • System
        • Spanning Tree Protocol
        • Link Layer Discovery Protocol
        • Voice VLAN
        • Quality of Service (QoS)
        • Internet Group Management Protocol (IGMP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Relay
        • Loopback Detection
        • Jumbo Frames
        • Multicast Filtering
        • 802.1X
        • Static Route IPV4
        • DoS
        • Radius Server
        • Mirror Settings
        • Address Resolution Protocol
        • Static MAC Address Table
        • SNMP
      • Ports
        • Classic Switch Policy
          • General
          • VLAN
          • QoS
          • QoS Storm Control
          • Security
          • ACL
          • 802.1X
      • Port Policy
      • Link Aggregation
        • LACP
        • Group
        • Trunk Port Settings
        • VLAN
      • VLAN
        • General
        • Network
        • IGMP
    • Select an SSID
      • SSID Policies
        • Adding SSID Security Policies
        • Editing SSID Security Policies
      • General
        • Basic
        • Authentication
          • Disabling the Strict Rekey
        • Others
        • VLAN
        • Dynamic VLAN Support
      • Advanced
        • Band Selection
        • IEEE802.11R
        • IEEE 802.11K
        • IEEE802.11V
        • SSL-VPN Security Tunnel Access
        • DNS
        • Agile Multiband
      • Security Policies
      • Guest Portal
        • Sign-on Settings
          • Sign-on with One-Time Passwords
          • Configuring Twilio Billing for SMS
          • Sign-on with LDAP Server Authentication
          • Sign-on with Active Directory Server Authentication
          • Sign-on with RADIUS Server Authentication
          • Sign-on with SAML Authentication
          • Wireless Guest TOTP Authentication
        • Customized Splash Page
          • Use a Linked Image on the Customized Splash Page
          • Collect User Feedback from a Customized Splash Page
    • Select a Security Policy
      • CFS (Content Filtering Service)
        • General
        • Category
        • Enabling or Disabling Reputation
        • URI List
        • Customize Block Page
      • CATP (Capture Advanced Threat Protection)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • CAV (Cloud Gateway Anti-Virus)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • ACL
        • General
        • Authentication/Association MAC Filtering
        • ACL
        • Bandwidth Management
      • Geo-IP & Botnet
      • APP Control Security Policy
  • AP Policies
  • Using Tags to Manage Access Points and SSIDs
    • Using Tags to Manage Access Points
      • Adding Tags to an Access Point
      • Removing Tags Associated with an Access Point
      • Viewing Tags Associated with an Access Point
    • Using Tags to Manage SSIDs
      • Adding Tags to an SSID Group
      • Removing Tags from an SSID Group
      • Viewing Tags Associated with an SSID Group
  • QoS Policies
  • Wi-Fi Multimeda (WMM) Profiles
    • Creating Wi-Fi Multimeda (WMM) Policies
    • Enabling Wi-Fi Multimeda (WMM) Policies
  • Managing Switch Policies
    • Adding Switch Policies
    • Editing Switch Policies
  • Managing Switch Port Policies
    • Adding Switch Port Policies
      • General
      • VLAN
      • QoS
      • QoS Storm Control
      • Security
      • ACL
      • 802.1X
      • POE
    • Editing Switch Port Policies
  • Security Policies
    • Content Filtering Service
      • Creating Content Filtering Service Security Policies
      • Editing Content Filtering Service Categories
      • Adding Sites to the Allowlists and Blocklists
    • Customizing Blockpage
    • Applying a Security Policy to an SSID Group
    • Capture Advanced Threat Protection
      • Creating Capture Advanced Threat Protection Security Policies
      • Adding an MD5 Hash to the Exclusion List
    • Cloud Anti-Virus
    • Access Control Policies
      • Creating and Editing Access Control Policies
    • Geo-IP & Botnet
    • Application Control
  • Managing SNMP Policies
    • Setting the SNMP ID
    • Adding SNMP Policies
    • Editing SNMP Policies
    • Deleting SNMP Policies
    • Setting SNMP Policies
  • Managing Switch SNMP Policies
    • Adding Switch SNMP Policies
    • Editing Switch SNMP Policies
    • Applying Switch SNMP Policies
• Objects
  • Address Objects
    • Creating Mac Address Objects
    • Creating Address Object Groups
  • Service Objects
  • Matched Objects
  • QoS Objects
  • Schedule Objects
    • Scheduling VAP Security Policy
  • App Objects
  • VLAN Objects
• Admin
  • Reports
    • Generating Report Tasks
    • General Settings
  • Users
    • Configuring User Quota Control
  • Settings
    • General
      • Client Timezone
    • Firmware
    • Notification Center
      • Alert
      • Threat
      • Log
      • Email
      • SMS Event Notifications
  • Certificates
    • Batch Import
    • Import Certificates
  • Using the WiFi Planner
• SonicWall Support
  • About This Document

Dynamic Host Configuration Protocol (DHCP) Snooping

DHCP snooping is a layer 2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients.

Dynamic Host Configuration Protocol (DHCP) assigns dynamic IP addresses to devices on a network. DHCP ensures that network devices have a different IP address every time the device connects to the network.

To activate the DHCP Snooping

1. Navigate to Policies > Policy Hierarchy > Switch Policy.
2. Select the System tab and scroll down to the IGMP Snooping section.
3. Enable the toggle bar, DHCP Snooping Enable.
4. Enable the toggle bar Mac Verify. If the device receives a packet on an untrusted interface and the source MAC address and the DHCP client hardware address do not match, address verification causes the device to drop the packet, if you enable this option.