Deny Static IP clients


This question is just started from the related question. As I asked for another question.

Could you please review the last comment on that comment and help.

Who is Participating?

Improve company productivity with a Business Account.Sign Up

nociConnect With a Mentor Software EngineerCommented:
you need .1x support to be able to differentiate on that level.

Then you can give someone a password to be able to do more.

You can combine a radius server, switch  etc. to supply a port profile that enters the user in a public lan to nowhere but some kind of (payment/authorisation gateway) and after getting a key through that let the user reconnect using .1x and allow forther access.

Also if there is a firewall between vlan66 and the remainder of the network you can do this without .1x support. It will block until some authorisation is given after which a user is supplied a IP address belonging with that MAC address. Or the combination is allowed to pass the firewall.

But IMHO chillispot should be capable to handle this kind of traffic.
On our Enterasys switches we set a port policy to not allow packets sourced from critical resources like the gateway etc. on user connections. I don't know how that is done on other vendor's equipment.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.