realized Posted February 17, 2006 Posted February 17, 2006 My dhcp server assigns an ip to anything that plugs into the network.What are some ways around this?I was thinking , one way would be no dhcp, or dhcp but reserved leases only - and only add known mac addresses.. that seems a bit extreme..Also that wouldn't help if somebody sets up a static address on the network..a firewall can't block data based on MAC...i think what i am wanting is impossible.. basicly allow only DOMAIN CLIENT-MEMBERS on the network i.e members of my domain.... any way to make sure that ip is assigned AFTER GPO's are applied lol?
chilifrei64 Posted February 17, 2006 Posted February 17, 2006 it is possible.. what you need are some managed switches (ciscos, dells, hp's) configured to query a radius server and authenticate it on the network.. Then you will need to apply group policies to the machines so they know to send authentication and what type of authentication to send. this is a obviously a breif description. there is MUCH MUCH MUCH more to it than that as far as configuring everything.. Start looking up on network authentication, setting up radius servers, configuring this type of stuff on the switches that you have.. if it is even possible. and deploying group policies.So yes it is possible but 1 you need the equipment and 2 you need the know how.. let me know if you need any more help..
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now