snowmizer
asked on
Assign a dhcp address pool to a group of windows desktops
I am working on testing virtual desktops in our environment. One gotcha that I have come up with is the assignment of IP addresses to the virtual desktops that are created. In our current environment we use dhcp reservations to assign IP addresses to our desktops. The main reason for this is security.
However, now the virtual desktops are causing me a problem. I can assign IP addresses to the desktops via dhcp. However the virtual desktops are non-persistent so I lose the ability to do reservations since you don't know what the MAC address for the desktop will be as they are created.
If we're going to implement virtual desktops I have to have another solution to provide the security that DHCP reservations provide. At this point I'm at a loss on what possible solutions are out there. I've thought about NAC but I'm unfamiliar with it's capabilities (plus there's the cost involved). I also wondered if there's a way assign a pool of IP addresses to a specific AD group of machines.
Thanks.
However, now the virtual desktops are causing me a problem. I can assign IP addresses to the desktops via dhcp. However the virtual desktops are non-persistent so I lose the ability to do reservations since you don't know what the MAC address for the desktop will be as they are created.
If we're going to implement virtual desktops I have to have another solution to provide the security that DHCP reservations provide. At this point I'm at a loss on what possible solutions are out there. I've thought about NAC but I'm unfamiliar with it's capabilities (plus there's the cost involved). I also wondered if there's a way assign a pool of IP addresses to a specific AD group of machines.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hummmm, that's an intriguing option. Unfortunately I don't have much (or any) experience with VLANs in the virtual environment. So basically what you're saying is as follows:
1. Create a virtual switch that has all used ports assigned to a vlan.
2. Setup a virtual dhcp server that is setup on this virtual switch. The dhcp server will provide ip addresses in a different subnet.
3. Set up routing from this subnet to the server subnet (which will require a physical router or can this be done virtually as well).
1. Create a virtual switch that has all used ports assigned to a vlan.
2. Setup a virtual dhcp server that is setup on this virtual switch. The dhcp server will provide ip addresses in a different subnet.
3. Set up routing from this subnet to the server subnet (which will require a physical router or can this be done virtually as well).
Yep, that's it in a nut-shell.
ASKER