Re: Restricting DHCP to specific users
- From: "Evan" <ewgy@xxxxxxxxxxx>
- Date: Sun, 2 Dec 2007 01:47:10 -0500
What if he were to use 802.1x
authentication using an EAP-TLS machine certificate?
"Roger" <Roger@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8C62485A-D4C0-4D8A-9319-D4C9506F1047@xxxxxxxxxxxxxxxx
Hi Neil,
The problem with a setup such as this is that the end user can just
statically assign an IP address and you'd be stuck with the same risk (and
possibly some conflicting IPs). You're better off not letting them on the
network at all using some of the methods I mentioned to Nite_Owl.
Port security is a good option, but the end user can spoof the MAC address
of the machine they're unplugging if they know what they're up against. A
combination of technologies is your best bet.
Good luck
Roger
"Neil" wrote:
We often have users at branch offices bringing their laptops from
home. As always these systems pose a security risk.
How can I have my DHCP server NOT assign IP address to these untrusted
users.
OR
Is there a way so that these users get a diff IP address and I can
move them to a different vlan
Thank you for your help.
.
- Prev by Date: Re: Cpu speed and core recommendations for this 2003 server? Virtualization of parts ?
- Next by Date: Re: Windows Home Server or Windows Server (2008 or 2003)..?
- Previous by thread: compairing folders
- Next by thread: Re: Restricting DHCP to specific users
- Index(es):
