Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blocking IPīs


  • Please log in to reply

#1
jdidierv

jdidierv

    New Member

  • Member
  • Pip
  • 5 posts
Hello,

I wanted to ask you, how can I block IP adresses in my network?, this is, to activate or desactivate some ip adresess, and just the ones i give authority to use can be used and the other ones donīt, to know who is in my network, to give some persons access to the internet and some other just to the lan.

I have a Win 2000 Server as a DC.

Thanks for your help.
  • 0

Advertisements


#2
Greazy

Greazy

    IT Professional

  • Member
  • PipPipPip
  • 277 posts
Hello jd,

From what I'm reading, you may need to restructure your network to achieve what you are asking to do with more control. If you could somewhat explain the physical layout of the network, we may be able to find workarounds. But you will more than likely need to seperate each group. You could try a tri-homed Linux machine to act as a router/firewall and use different network addresses for each group.

Greazy Mcgeezy
  • 0

#3
jdidierv

jdidierv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Ok look:

Iīm in charge of the IT administration in a company, and i would like to have a better control of the IP adresses from the company, in here to get to the network you only have to put an IP adress on your computer, and if someone comes here they can get acces to the internet and shared folders just by putting a free IP.

I was thinking in activating the DHCP service in my server, to forget about giving IPīs to all the computers, and asociating them with the mack adress, so no computer has another ip adress thats not asociated with itīs mack adress, but this is to much work because iīll have it to do it manually and there are several computer to get this data from there.

I donīt know if theres some kind of service in the win 2000 server to activate only a small range of IP and not the whole range or if you know something to help me in the administration of the IP adresses, i would prefer to do it with a windows service or function, but if its not possible, any program you sugged to do this itīs good, if you know some page where i can get some information about that or something.

Well i donīt know if you have any other question or something i can help you with to help me.

Thanks a lot.
  • 0

#4
Greazy

Greazy

    IT Professional

  • Member
  • PipPipPip
  • 277 posts
The thing is, without seperating your network in any way, all of the IP addresses will have to follow the same scheme in order to connect with the rest of the network. You can still use almost the exact same scheme that you have, but you would probably have to reassign what computers have what IP. You would want to insert a dual-homed Linux machine to use as a firewall/router and then you can assign what IP addresses can go where. If you decide to go this route (cheaper than purchasing more devices than needed), then I will help you write the firewall script that would be useful to you. I understand that this is really not what you wanted to get into, but in the long run, I think this will give you more of what you need. As far as the resources on the internal network that can be accessed by anyone, anywhere, that would be resolved by using seperate user accounts for each user that logs onto your network, and only allowing those users access to the resources in question instead of limiting by IP address (which could also be done).

Hope this helps.


Greazy Mcgeezy

Edited by Greazy, 31 May 2005 - 05:27 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP