Re: Give access based on location

Is there any way to possibly capture the MAC address and try to do some level
of authentication that way.
The next question would be how to do authentication from a MAC address?

"Phillip Windell" wrote:

> "vidro" <vidro@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:7178DE11-1AB2-437C-A7D0-7EC5C07AB656@xxxxxxxxxxxxxxxx
> > A user has an account on the Corporate network and his laptop has account
> > on Corporate network.
> > While on the local area network, this user can access Information from
> > folder A,B,C on a server
> > When the user goes mobile with his laptop the user needs to be
> constrained
> > to only seeing info from folder A and B
> > If the same user goes to a computer that is not apart of the Corporate
> > network he needs to be constrained to only folder A.
>
> Not possible.
> You can restrict to certain network segments by using ACLs on the LAN Router
> (if one exists) but you cannot restrict to certain "folders/shares" based on
> source IP#.
>
> > If the user is using his laptop it will most likely be VPN,
> > If he is on a different p.c. he will need to go to the Corporate WEB
> site.
> > At the same time I do not want to give users the ability access
> information
> > from a non-company p.c. threw a VPN connection.
>
> Also not possible. VPN is no different than simply being on a different LAN
> Segment,...it is the same principle.
>
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/ISA2004_AccessRules.html
>
> Microsoft Internet Security & Acceleration Server: Guidance
> http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
> http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
> -----------------------------------------------------
>
>
>
>
.

Relevant Pages

  • Re: Secure your DHCP
    ... We have been cleaning this new client's network for the past ... since they work weekends and are not willing to add the MAC ... Multiple user authentication methods: ... IEEE 802.1X: industry-standard way of user ...
    (microsoft.public.windows.server.sbs)
  • Re: Ask EU - Norton AV 2006
    ... >>>Authentication and encryption. ... >>>only certain MAC addresses to access it (MAC addresses are unique to ... >>mac addresses are programmable in a large proportion of network cards. ... >>authentication by mac address is no authentication at all: ...
    (uk.media.radio.archers)
  • RE: How can I track this down?
    ... Bear in mind that MAC addresses can be changed so the information may not be correct/match a real NIC. ... Also, while the IEEE block is assigned to ASKEY COMPUTER CORP, given the location of the company they are most likely a hardware supplier for Cisco products and the Cisco string you are seeing is the embedded OS/app running on top of the hardware device. ... it's most likely a misconfigured "extra" on an existing device that is polling the Domain for some authentication. ... If you want to track the device down, check the ARP table entries on your routers with CiscoWorks or whatever network device management method you use internally. ...
    (Security-Basics)
  • RE: MAC Authentication device
    ... Using MAC-based authentication is essentially flawed, ... Consider firewalling your entire network, ... > non-employees accessing our trusted network. ...
    (Security-Basics)
  • TidBITS#794/29-Aug-05
    ... This week's issue brings a potpourri of Mac news, ... Mark Anbinder looks briefly at Google Talk, ... Adding Tiger's AirPort Preferred Network List ...
    (comp.sys.mac.digest)