LB1234

asked on

Want different departments to use different gateways. Should I use DHCP or AD + login scripts?

If DHCP, could someone please let me know the most efficient means of setting up the various scopes?  Thanks!
Justin Owens

I would advise using segmented VLANs, each with its own DHCP scope.  A single DHCP server can farm out all the scopes you need, the VLAN just needs to be configured to point to it.

Justin.
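The per-VLAN scope layout suggested above, as an added example that is not part of the original post. It assumes a Windows Server DHCP server with the DhcpServer PowerShell module; the department names, VLAN IDs, subnets and DNS address are constructed placeholders, and DHCP relay on each VLAN interface is configured separately on the network gear.

```powershell
# Added example (not from the thread): one DHCP scope per department VLAN,
# each handing out its own default gateway (DHCP option 3).
# Run on the DHCP server from an elevated session.
Import-Module DhcpServer

# Constructed sample data: adjust to the real VLAN plan.
$departments = @(
    @{ Name = 'Sales';       Vlan = 10; ScopeId = '192.168.10.0'; Gateway = '192.168.10.1' },
    @{ Name = 'Engineering'; Vlan = 20; ScopeId = '192.168.20.0'; Gateway = '192.168.20.1' },
    @{ Name = 'Finance';     Vlan = 30; ScopeId = '192.168.30.0'; Gateway = '192.168.30.1' }
)
$dnsServer = '192.168.1.10'   # assumed internal DNS server

foreach ($d in $departments) {
    $prefix = $d.ScopeId -replace '\.0$', ''

    # Create the scope only if it does not exist yet, so the script can be re-run.
    $existing = Get-DhcpServerv4Scope |
        Where-Object { $_.ScopeId.ToString() -eq $d.ScopeId }
    if (-not $existing) {
        Add-DhcpServerv4Scope -Name "VLAN$($d.Vlan)-$($d.Name)" `
            -StartRange "$prefix.50" -EndRange "$prefix.200" `
            -SubnetMask 255.255.255.0 -State Active
    }

    # Scope-level options override server-level ones, so each department
    # receives its own gateway while sharing the same DNS server.
    Set-DhcpServerv4OptionValue -ScopeId $d.ScopeId `
        -Router $d.Gateway -DnsServer $dnsServer
}

# Review: list the gateway (option 3) each scope will hand out.
Get-DhcpServerv4Scope | ForEach-Object {
    Get-DhcpServerv4OptionValue -ScopeId $_.ScopeId -OptionId 3
} | Format-Table -AutoSize
```

If a gateway fails, changing the `Gateway` value for that department and re-running the script updates the scope option in one place; clients pick it up at lease renewal.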
LB1234

ASKER

That's a huge amount of reconfiguring, which I don't want to do.  You can only have one DHCP scope per subnet?
Technically, you can have more than one; the problem is determining which scope gets assigned to which machines.  Your other alternative would be to manually assign a reservation for each of the NICs via MAC address.  If you are having to go through this hassle, you would be better off just manually configuring the IP info.  Finally, if you are all on the same LAN/VLAN, how will your networking equipment handle the request for multiple gateways?  It just isn't a good idea at all, and most likely wouldn't work as expected or consistently.

Separate VLANs is the way to go in your scenario.

Justin
You can identify DHCP clients by MAC address and provide the configuration you want.
You can create OUs for the different groups (if you don't have them already in place) and apply proxy settings where the proxy IP is the D\G you want for that group.
This is easy and requires minimal configuration.
LB1234

ASKER

Chuku, unfamiliar with proxy settings.  Are there proxy settings in Group Policy?  Please provide details or steps if you could, thank you.

Vaidas that would be a huge task.

Ultima, my thoughts were to create OUs for each department and then assign a different login script to each OU, then add a route change command correlating to each default gateway in question, which accomplishes routing to each respective gateway (everything on our network, routers included, is a single Class C IP subnet).
LB: What good does it do? Since all is on the same network, it will be the same amount of traffic and broadcast within the network. I assume each GW has different internet access? GW1 goes out ISP1, GW2 goes out ISP2, etc. It will be a mess and not easier than doing VLANs.

For a proxy, you will need to set up a proxy server as well.
Let's take a step back.  

LB1234,  What are you trying to accomplish by having your different departments on different gateways?  Is it for bandwidth control, monitoring, restriction deployment, or some other need?  If we understand your end goal, what you are trying to accomplish by dividing your departments into different gateways, we can better suggest the most appropriate solution.

Justin
LB1234

ASKER

Yes, but with a VLAN setup, what if one of the gateways goes down?  Then I've got 30 people with no internet access, and lots of configuration to make things work properly again.

AJ, the good that it does is that each person has a default gateway allotted just to them by department, so I can control traffic patterns better.  I was just wondering if my method was the most efficient way of doing it.
Help me understand how a gateway going down is harder to correct on a VLAN than it is in GPO.  To me, a VLAN would be much faster and less trouble to swap over a gateway than a GPO, which would take extra steps on each machine.

As far as traffic control patterns, what are you hoping to control?  Are you aiming at controlling internal traffic or external traffic?

Justin
ASKER CERTIFIED SOLUTION
Justin Owens
Question was technically answered in post html:#26173837.
Sorry... I meant http:#26173837