Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to manage DHCP in medium size business

Posted on 2015-02-17
7
Medium Priority
?
241 Views
Last Modified: 2015-03-01
we have nearly 700 plus computers in the network and having manual ip addressing . I am in the process of going with the static to  dynamic . but I have few issues  with the current setup .

what is the best way to assign the ip dynamically
firewall level , core switch  or OS dhcp server . I hope separate DHCP is the best option ?
major issue is out of 700 PCs nearly 500 pcs have internet access with the firewall via access . All the access give with the IP address level . we did not have link with the AD and the firewall . so how can I keep the same ip address for my internet client . one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

please share your thoughts
0
Comment
Question by:cur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 14

Assisted Solution

by:Natty Greg
Natty Greg earned 800 total points
ID: 40615869
use nmap to gather ip addresses and mac address from there figure out your ip address scheme, you will definitely need four dhcp scope cause you need that to address growth. a router will be needed if each subnet need to talk to each other.
0
 
LVL 37

Assisted Solution

by:bbao
bbao earned 400 total points
ID: 40615896
> firewall level, core switch or OS dhcp server.

for an enterprise environment, better deploy DHCP services on OS servers because this way you may have better control on DHCP options and restrict users in terms of security and scalability.

deploying DHCP services on network devices may work but you need more work once you got needs to integrate OS and the devices. e.g. to to assign IP addresses to authenticated userss only, or applying web proxy settings for given subnets etc.

> I hope separate DHCP is the best option ?

what do you mean by 'separate'?

> we did not have link with the AD and the firewall. so how can I keep the same ip address for my internet client.

do you mean current users already have used IPs which are to be used for DHCP address pool?

> one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

new addresses can't be changed in a few seconds. you need to work out a plan to deploy the addresses in stage, smoothly.
0
 

Author Comment

by:cur
ID: 40615951
currently we  do not integrated AD firewall . half of the users in the work group . this will rollover very soon . issue is this . we have given the internet access based on the host ip . if I go with the dhcp how am I going to keep the client PC ip static all the time
some time we need to connect work group users connecting to internet . if I go with AD integration . it will make more complex without proper understand
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 14

Assisted Solution

by:Natty Greg
Natty Greg earned 800 total points
ID: 40615957
DHCP allows static mapping and you can restrict and permit host ips to the internet, never mind if you know the specific time of day when they need to be on the internet you can schedule it via DHCP, its a powerful tool that you'll love.
do some reading on it.
0
 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 800 total points
ID: 40616117
Better you could use Windows domain based DHCP server which can assign IPs to both domain clients and workgroup clients as well
After that allow IP range on firewall as allowed internet access
This will avoid creation of 500 reservations in DHCP
I believe DHCP is there to lease out IPs freely without much intervention and in exceptional case few DHCP reservations to be used

Also check how to setup DNS - DHCP advanced integration, scavenging once you setup domain based DHCP server
Check below articles for more information:
http://blogs.technet.com/b/askpfe/archive/2011/06/03/how-dns-scavenging-and-the-dhcp-lease-duration-relate.aspx
http://blogs.msmvps.com/acefekay/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group/
0
 

Author Comment

by:cur
ID: 40616161
if the clients PC get change the IP time to time . monthly internet bill will generation will have the impact due to ip change
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 800 total points
ID: 40616203
Before setting up DHCP still you are using 500 static addresses for internet access

After you setup, still IP addresses count remains same

I don't see how bill will get impacted

Further more how your firewall is setup?

It should have NATTED internet access so that on internet actually default firewall public IP would be displayed and no matter which machine \ IP combination is connected from intarnet
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question