Solved

Restricting clients based on mac address

Posted on 2004-08-06
7
195 Views
Last Modified: 2010-04-14
We have a window 2000 server running without dhcp with 12 clients running windows 98.

1)we would like to restrict unauthorised mac addressed systems form connecting to our server or by asssigning static ip of their own.

2) we also like to restrict logins from unauthorised systems

thanks in advance. i am in a real need of a solution
0
Comment
Question by:das711
  • 2
7 Comments
 
LVL 9

Accepted Solution

by:
SamuraiCrow earned 125 total points
ID: 11741156
It seems that the MAC address issue can be taken care of with client reservations in windows 2000 or 2003 DHCP.  This allows you to reserve a certain ip address for a client based on MAC address.  Furthermore you can lock down the routing ingrastructure by only allowing traffic from the range of ip addresses specified in the reserved DHCP scope.  The following talks about making client reservations:

http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_DHCP_imp_UsingClientReservations.htm

If you would like more info, let me know a little more about your network such as routing, firewall physical connectivity.  Also are you running in a windows 2000 domain enviroment?
0
 

Author Comment

by:das711
ID: 11742188
Thanks samurai.I would like have more info.We dont have any firewalls or routers or routing.Every system is connected to the server via utp cables thru a switch which is not manageable

our server is running as a domain controller and clients log in to the domain controller

0
 
LVL 14

Assisted Solution

by:dlwyatt82
dlwyatt82 earned 125 total points
ID: 11743022
If you want true network security in a small network such as this, you will need a managable switch. Setting DHCP server options will not stop people from configuring static IP addresses on their workstations and accessing your server that way.
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 11743394
I have to agree with dlwyatt82 on this one.  There is no way the I know of to keep someone from configuring their own static IP and talking with your network unless there is some sort of managed routing enviroment.  I'll do a little digging and see if I can come up with something though.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Building a cohesive image for your brand is vital to making an impression on consumers. When the economy is tough, brands do better than unbranded  products. This can have a huge impact on your long-term profits, as the economy goes up and down.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question