?
Solved

Restrict DCHP  / Issue different Default Gateway to Domain Members

Posted on 2009-03-30
8
Medium Priority
?
419 Views
Last Modified: 2012-05-06
Is it possible to restrict issuing of DHCP leases to Domain Members only? Or to issue a different default gateway based on Domain Membership?

From what I know already and research so far it does not look to be possible.

Group Policy currently points Domain Members to an ISA Proxy Server via IE Settings.
I would like to ensure that non-domain members which connect to the network are either directed to the Proxy or, directed to a different Default Gateway (which is on a connection which is restricted via another method.).

Is the only way to do this for the Router/Firewall that is normally issued as the default gateway (and is the Gateway for the ISA Server) to only accept web traffic from the ISA Server?

Or is there a way to only issue DHCP Leases to Domain Members?
Given PXE booting exists I'm assuming DHCP is picked up long before Domain Credentials are checked for?
0
Comment
Question by:Softech99754096
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24020261
You could do it if you want to input the MAC Address of each machine for a reserved DHCP lease, but that is even more maintenance than static IP addresses.  I don't think it is possible, though, outside that.
0
 

Author Comment

by:Softech99754096
ID: 24026892
That is not an option. It would be an administrative nightmare as there are approximately 200 client machines on the network.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24028224
You could VLAN those machines and have a seperate DHCP scope for them...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Softech99754096
ID: 24028566
Hmm.. yes, though I don't know if the Switches in use support multiple VLan's.

If I were to do that I would have to then have multiple DHCP servers - connecting each to an appropriate VLan, right?
0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 100 total points
ID: 24032386
No, you can have multiple scopes on one DHCP server.  I use one Server 2003 DHCP server to farm out 97 different scopes for 92 different locations.
0
 
LVL 7

Assisted Solution

by:hau_it
hau_it earned 100 total points
ID: 24145545
Try to search the DHCP option classes.
With this configuration you can assign classes to to the users and each Class gets its own DHCP configuration.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question