tata_soft
asked on
DHCP scope and disable manually configuration
hello,
please i've ISA server and 100 pc behind ISA the users in my network all time change the ip address and this make conflict in the network ip's so i'm configured DHCP and maked scope for pc's by mac address
i mean assigned stable ip address for the user pc by his mac address
but i've big proplem
the user can make manually configuration for the network card and put the ip's
please i want any solution prevent the users from making manuall configureation for network card ip's and accept only the DHCP.
please i've ISA server and 100 pc behind ISA the users in my network all time change the ip address and this make conflict in the network ip's so i'm configured DHCP and maked scope for pc's by mac address
i mean assigned stable ip address for the user pc by his mac address
but i've big proplem
the user can make manually configuration for the network card and put the ip's
please i want any solution prevent the users from making manuall configureation for network card ip's and accept only the DHCP.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
My point is as long as they allowed/able to change NIC manually, nothing you can do to prevent the potential of duplicate IP addresses.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
emce, that would be impractical for a network of over 100 clients. at least that's my opinion
I agree. That would mean DHCP reservations for every workstation, which sort of defeats the purpose of using DHCP in the first place.
I think Ian's got the best approach. Prevent them from mucking with the IP settings through Group Policy. The only thing is, I'm not sure where to find that in GP. I just looked.
I think Ian's got the best approach. Prevent them from mucking with the IP settings through Group Policy. The only thing is, I'm not sure where to find that in GP. I just looked.
Hi,
The Group policy settings that effect network connections can be found under Userc Configuration/Administrati ve Templates/Network/Network Connections.
There are a whole bunch of things in there you can configure all to do with the network properties and stuff. Take a look and you should be able to work out what suits your environment best,
Cheers
The Group policy settings that effect network connections can be found under Userc Configuration/Administrati
There are a whole bunch of things in there you can configure all to do with the network properties and stuff. Take a look and you should be able to work out what suits your environment best,
Cheers
ASKER
hi all,
1st thx for replay
may be u don't know wht i mean exactly the proplem if i maked DHCP server and maked my clients under this DHCP server
for example: if i actived the DHCP and maked reservation scope for client number 2 and assigned ip 10.0.0.2 and detect it by mac address
this user can write the ip address manulally in the network tcp/ip and may be change the ip to 10.0.0.3
and take the ip of client number 3 if client number 2 shutdown his pc
how i can prevent the user from make this fault.
1st thx for replay
may be u don't know wht i mean exactly the proplem if i maked DHCP server and maked my clients under this DHCP server
for example: if i actived the DHCP and maked reservation scope for client number 2 and assigned ip 10.0.0.2 and detect it by mac address
this user can write the ip address manulally in the network tcp/ip and may be change the ip to 10.0.0.3
and take the ip of client number 3 if client number 2 shutdown his pc
how i can prevent the user from make this fault.
>>how i can prevent the user from make this fault.
As I said, the only way to do it is to prevent them from changing their NIC config either by policy or rights.
There is nothing you can do with network equipment or a DHCP server - except invest in a substantial 802.1x port authentication infrastructure.
As I said, the only way to do it is to prevent them from changing their NIC config either by policy or rights.
There is nothing you can do with network equipment or a DHCP server - except invest in a substantial 802.1x port authentication infrastructure.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.