Solved

Can I employ mac address filtering on a windows server?

Posted on 2004-10-03
6
182 Views
Last Modified: 2013-11-13
I know of some networking equipment that can allow me to filter out user access by their mac address, and I've even read posts about some linux distros that let you do it.

But can this be done in Windows?

I personally don't mind going to linux or the hardware level if necessary, but I work with mostly Windows-friendly people,
and if I can find a way to filter out incoming requests to the machine by simply installing something onto the windows box, that'd be great.

So, suggestions anybody?
Or am I going to have to spring for some new equipment/OS's?

As always, thanks.
0
Comment
Question by:Inward_Spiral
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 9

Expert Comment

by:jamesreddy
ID: 12213632
Well....that depends.  If you have an ISA server, this is quite possible.  However, if not...there is something that may be of use to you.  If you run your own DHCP server, you can have DHCP automatically assign bum addresses (like default gateways) to any MAC address you want.  It's called a DHCP reservation.  Simply get the MAC address of the machine you want to deny access to your network and create a reservation for it in DHCP properties.  You can assign it a seperate default gateway, to prevent Internet access...or assign it completely different addresses to deny it access to your network.

James
0
 
LVL 5

Accepted Solution

by:
zerofield earned 100 total points
ID: 12213638
the only way possible to do this with windows is to essentially force the machine to lie to itself.  you can force a fake layer 3 address such as 127.0.0.1 to the layer 2 addresses with a command like:

arp -s 127.0.0.1 0011aabbcc

maybe 127.0.0.2 or something, im not sure what arp'ing a fake address to your localhost does..

this is ghetto and only works to filter known addresses, its not something that'd filter all BUT known addresses as MAC filtering would ideally work.

you could always employ a little $30 linksys router to do this i guess..

if you want to be a little more sophisticated, nearly any modern catalyst as well as linux can do this much more gracefully.
0
 
LVL 5

Expert Comment

by:zerofield
ID: 12213642
oh, yea, his suggestion would work too.  we typed simultaneously.

i think the common answer here is going to be that it's not really meant to happen with windows by default.  as with any function that involves MS software, you'll need to find an alternative or spend money ;)
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question