asked on

Prevent users from using locally set static IP address to connect to network

We are currently a cisco house (with sonicwall firewall) and I would like to implement somthing (NOT ISA SERVER) which will prevent users bringing in laptops from home and setting static ip's to connect to our network. We have had a problem in the past where a user plugged in a laptop that had the same address as our firewall which took our network down for a while until we could trace source. I am implementing VLAN's and also will be doing port security which will prevent this, HOWEVER, i will not be done with segmentation project for some time. I need an interim solution which will prevent users on a FLAT network from taking up either our SWITCH ip's or FIREWALL ip. I need recommendations on something i can implement which is FREE. Thanks in advance for all of your responses.

ASKER CERTIFIED SOLUTION

cosmicfox

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

mati02

ASKER

yes, i have actually stated that in my question. Port security project is a ways away. The problem with shutting off unused ports is that all live ports will still be vulnerable. For example, if a laptop user hard-codes my switch's IP address and plugs into a live jack. (unplugging cat5 from an existing computer).

SOLUTION

cosmicfox

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

mati02

ASKER

yes, understood. Port security project is a ways away. Need another option for interim, as mentioned in initial question. I have always known of port security but wanted another option here.

SOLUTION

cosmicfox

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

mati02

ASKER

not completely what i was looking for.