Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 26 Sep 2012 10:45:44 -0300
From:      Rafael Henrique Faria <rafaelhfaria@cenadigital.com.br>
To:        "ded1@MyBSD.org.my" <ded1@mybsd.org.my>
Cc:        freebsd-net@freebsd.org
Subject:   Re: DHCP server with a group of mac address
Message-ID:  <CAOxoo31R=9pDYVg0WDOnSXe1momuuGnYgWPsbG4vys%2B3tr3W6g@mail.gmail.com>
In-Reply-To: <alpine.LRH.2.02.1209261803050.17687@sauron.knowledgegrid.net.my>
References:  <alpine.LRH.2.02.1209261803050.17687@sauron.knowledgegrid.net.my>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Sep 26, 2012 at 7:03 AM, ded1@MyBSD.org.my <ded1@mybsd.org.my>wrote:

> Hi,
>
> i'm installing isc-dhcp42-server and run in the network for like 1000
> node. i have like 1000 mac address (servers, PC's, printers, phones, etc)
> which i put in the text file.
>
> FYI,
>
> Any mac address (which is in the text file) who plug into the network will
> get the ip address based on the vlan configured on the switch. Any mac
> address who's NOT in the text file, will not getting any IP and they will
> not authorize to be in our network.
>
> Is this possible to do with isc-dhcp ? I try to search around these topic
> but not much help.
>
> Anyone have any tips / shed me some light ?
>
>
> ---
> ded1
> MyBSD Malaysia Project
> http://www.MyBSD.org.my
> ______________________________**_________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/**mailman/listinfo/freebsd-net<http://lists.freebsd.org/mailman/listinfo/freebsd-net>;
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@**freebsd.org<freebsd-net-unsubscribe@freebsd.org>
> "
>


Sorry, but I think that this kind of control you want will be provided only
by the 802.1x.

Anyone can put a static ip address from your network range and use your
network without having its MAC Address into the dhcpd conf file.

With a layer-3 switch 802.1x cappable you can even specify a vlan to the
authenticated user, so if 2 users uses the same machine, they can get
different IP Numbers and different vLan. All based on the user
authentication before any network connection.

-- 
Rafael Henrique da Silva Faria

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOxoo31R=9pDYVg0WDOnSXe1momuuGnYgWPsbG4vys%2B3tr3W6g>