General discussion

Locked

MAC address based IP assignment

By trackme ·
Hello ,
I have a cisco switch 4000 series, i want to configure the switch such that based on the MAC address it needs to assign IP address to the system
For example ,all my internal users need to have a 1.1.1.x range of IP based on the MAC address ( i can add the MAC address table ) and any thing other than this MAC table should be given 2.2.2.x range ,

This is primarly prevent vistors or other users having the same previlge as my other users ,

My switch doesnt support VMPS and hence i dont know what other method can be done ,

All i want is segregate my office and non-office users with a different IP range ,how can i do this

If not possible which is the best solution to achive this

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by Jaqui In reply to MAC address based IP assi ...

not sure with a switch, I build a box to use as a router, if I need different options I just make sure that I set different nic for each option set.
eth0 for default route to other hosts
eth1 for office / admin
eth2 for programmers
eth3 for sales

this does require a secondary level of switching , but it's effective.

setting different permission levels for each set of ip's is then done in the system config files for the server / router box. much more control over it than the dedicated devices.

Collapse -

by jdmercha In reply to MAC address based IP assi ...

I think you want to do this with the DHCP server, not the switch.

Collapse -

by TomSal In reply to MAC address based IP assi ...

"All i want is segregate my office and non-office users with a different IP range ,how can i do this"

Gathering that you know who your office users are (ie. employees) and all you want is to segregate their traffic, the most effective (and frankly BETTER way than your IP suggestion) is to use VLANs.

I'm almost positive that the 4000 series supports VLANS.

In your situation a VLAN would work great!

If you want more information on VLANs...contact me through the peer directory.

Collapse -

by dgolic In reply to MAC address based IP assi ...

The other way is to use certificates and RADIUS server for authentication, and VLANs for dividing clients. It is a long story, but you'll find a lot of good documents on each subject on Microsoft, Cisco etc.

Collapse -

DHCP windows 2003

by prabu.r In reply to

Hi ,

if you are using Windows 2003 server as DHCP server you can assign IP addres to your clients based on MAC address.

u need to make use of macfiltercallout.dll ... wheree you jus need to specify the set of MAC ID's to be allowd or denied ...

let me know if you still have issues, prabu.r<at>gmail<.>com

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums