pmckenna11
asked on
Assign privileged computer to IP range
I need to allow a certain group of computers unfiltered internet access. The easiest way for me to do this would be to assign these computers to a specific IP range. I can then allow any computers in that range to bypass our filtering policy. The problem is that I don' t see a way to assign these computers to a specific range via DHCP.
I am looking for an alternative to manual interventions such as IP reservations or setting static IPs. Also I want this to be as easy and maintenance free as possible so I don't want to do anything with VLANS, etc.
I am starting to believe it is not possible to assign a specific computer to an IP range via DHCP, GP, etc. We are running Server 2008 Standard.
I am looking for an alternative to manual interventions such as IP reservations or setting static IPs. Also I want this to be as easy and maintenance free as possible so I don't want to do anything with VLANS, etc.
I am starting to believe it is not possible to assign a specific computer to an IP range via DHCP, GP, etc. We are running Server 2008 Standard.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Based on what you have said, IP reservation is fairly simple and easily implemented. I also use this method to have a specific computer available to me.
I do understand what you posted, but I was just offering a simple way that works for me for a variety of situations.
Perhaps someone else has another idea.
I do understand what you posted, but I was just offering a simple way that works for me for a variety of situations.
Perhaps someone else has another idea.
Your best bet would be a reservation. Do not use Static IP's because when the users takes their laptop home or offsite they will constantly need to change there ip back to dhcp everytime. At least with a reservation you don't have to interact with the user at all.
What your thinking of here would be using NAP (Network Access Policy) and GPO's to configrue a security group for specific assignment of DHCP address.
Below is a link on how to setup and configure this.
http://www.windowsecurity.com/articles-tutorials/windows_os_security/Using-Group-Policy-Filtering-Part1.html
Personally I would not use Group Policy because you now have 2 places to manage IP address assignment. I would use a reservation.
Will.
I would prefer to be able to assign a computer to a Group and then have computers in that Group get an IP address from the privileged range
What your thinking of here would be using NAP (Network Access Policy) and GPO's to configrue a security group for specific assignment of DHCP address.
Below is a link on how to setup and configure this.
http://www.windowsecurity.com/articles-tutorials/windows_os_security/Using-Group-Policy-Filtering-Part1.html
Personally I would not use Group Policy because you now have 2 places to manage IP address assignment. I would use a reservation.
Will.
Just to be clear, I am not using static IP addresses on the computers. The server assigns a fixed IP that the firewall can use. My computer travels fine.
The only maintenance is knowing the MAC address of the computer.
The only maintenance is knowing the MAC address of the computer.
@pmckenna11 - Thanks, and I was happy to help you with this.
Microsoft Server OS
The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.
59K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
I would prefer to be able to assign a computer to a Group and then have computers in that Group get an IP address from the privileged range.
I have to get this done and will fall back to using reservations if there is no other way. I looked into using groups on the UTM but by the time I get LDAP and all the rest of it working it just is not worth the effort.