General discussion

Locked

DHCP

By donbrafford ·
Let's see if I can make this sound right.

I have a specific domain, however, I have contractors come into our office. When they do, the can connect to our LAN drops and our DHCP assigns them an IP address.

What I want to do is to ensure that any machine that does not belong to my domain will not get an IP assigned to them and they will get no access to the internet.

I have thought of static IP's howeve they will fix the problem however, I want to be able to manage my IP range at a central location.

Please any help would be much appreciated.
Thanks in advance for any help you might be able to provide.

This conversation is currently closed to new comments.

19 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

DHCP

by Gigelul In reply to DHCP

Hi,
I?m not sure if I understand your question.
If a computer don't have an account in your domain, how can get an IP from your DHCP server?
I suppose that you have an Internet Server and also a firewall. You don?t have a rule to allow access only from specific IP's (a range of IP's)?
These contractors have need access to your LAN and not to Internet?

Collapse -

DHCP

by donbrafford In reply to DHCP

Sorry, they do not have an account in my domain, hoever, if their system is setup for DHCP then once connected to any of my lan drops, my dhcp server gives them an IP address. This I want to stop. Any suggestions

Collapse -

DHCP

by Wayne R. In reply to DHCP

This is an awkward one; By the very nature of DHCP any machine with the client running will be able to obtain an address.

The only way you can stop unwanted clients from getting an address is by adding a reservation for every single IP address inyour DHCP range. To do this you would need the MAC address of your clients (you can use getmac.exe to do this - available on reskit and MS website). You would then assign an IP in the range to each client and exclude the extra addresses that you do not use.

There is no perfect solution but this will work; It means you will have more administration to do but at least it maintains a single point of administration.

Hope it helps.

Wayne.

Collapse -

DHCP

by donbrafford In reply to DHCP

I don't want to do this. I think it would defeat the purpose of having DHCP. Thanks anyhow.

Collapse -

DHCP

by jhancock In reply to DHCP

If you are not worried about the contractors connecting to your LAN, you could put a proxy server in place that would ask for a password to access the internet. If you are worried about them using your LAN as well as the internet you could disconnect all jacks, except for the ones normally used in the office.

James

Collapse -

DHCP

by donbrafford In reply to DHCP

Thanks but I do not have that option

Collapse -

DHCP

by Gary McP In reply to DHCP

Just a thought, you could put the contractor machines onto a different router and disable BOOTP and DHCP relay on the router. Routers do not pass on DHCP broadcast traffic by default. You have to enable BOOTP or DHCP relay to allow machines on the other side of a router to get an IP address.

Without that, the contractors won't take one of your addresses.

Hope this helps,
Gary

Collapse -

DHCP

by donbrafford In reply to DHCP

This is not an issue. Also we do not have an extra router laying around for that purpose.

Thanks for trying to help. It is appreciated

Collapse -

DHCP

by Gigelul In reply to DHCP

Hi,
The solution of your problem is in other place. In DHCP I can't find something usefull for this issue.
How get access to the internet your workstation (also the contractors)? A server is used for this? Here you must implement some rules.

Collapse -

DHCP

by donbrafford In reply to DHCP

The question was auto-closed by TechRepublic

Back to Windows Forum
19 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums