Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win2k3 DHCP Server Question?


  • Please log in to reply

#1
amw_drizz

amw_drizz

    Member

  • Member
  • PipPipPip
  • 329 posts
Have a question with Windows Server 2003 DHCP Server. What I am looking at trying and doing is something I've never done before my self. And I imagine that what I am trying to do is easy as cake to some.

Well if your still with me thats good, So the question is how to setup a access List based on MAC ID's? Pretty much I want to have a decent size IP Pool with my defined list of MAC ID's in it. They will have all the information about DNS,WINS,NIS,AD,Gateway everything. Then have a second pool where it just has nothing (kind of dead in the water.) This range I want to keep to a whole different subnet from my main primary pool.

I am trying to secure my network even more, And I don't want anyone else from joining my network and finding all my "services" and computers, since some of the data stored is custom code for websites (not a big deal) but no one else but me have seen it. And I plan on keeping it that way.

Right now I run Class A Private IP's (10.0.0.0 - 10.255.255.255 subnet of 255.0.0.0) With my primary lan on 10.0.0.0 - 10.0.0.255, I want to have my "unknown users" on 10.5.1.0 - 10.5.1.254 both on the 255.255.255.0 subnet.

I know that this issue may have subnetting involved, but one issue that I am facing is that I want to keep this to one NIC. As of right now all my servers are located in 10.0.0.1 - 10.0.0.20

My DHCP Server has 3 NIC's installed as of now but I only use 1 actively with the 2nd 10/100/1000 in redundant mode and the 3rd 10/100 disable for now.

So any ideas?
  • 0

Advertisements


#2
dsenette

dsenette

    Je suis Napoléon!

  • Community Leader
  • 26,047 posts
  • MVP
who are you trying to secure the network from? people who are already inside and on your network? or visitors?
  • 0

#3
amw_drizz

amw_drizz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts
visitors, and unknown people.
  • 0

#4
dsenette

dsenette

    Je suis Napoléon!

  • Community Leader
  • 26,047 posts
  • MVP
a better way to manage that would be to turn off the ports on your switches that aren't actively being used, if you can't do that programatically in the switch then disconnect the cables

maintaining 2 scopes is going to be a pain in the butt, and maintaining a MAC list in your DHCP server is basically the same thing as just assigning each computer a static ip address.
  • 0

#5
amw_drizz

amw_drizz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts
Would a radius authentication server be more secure than WPA2-Personal on my AP?
  • 0

#6
dsenette

dsenette

    Je suis Napoléon!

  • Community Leader
  • 26,047 posts
  • MVP
well...those are kind of different answers. the WPA is for encrypting the password sent to the device so that the authentication can't be picked up by a wireless sniffer. radius allows you to allow for domain authentication, so only people who are allowed on your domain can authenticate. in my opinion it would be good to do both if possible
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP