Announcement

Collapse
No announcement yet.

Multiscope DHCP

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Multiscope DHCP

    I have a domain for example 192.168.6.1-192.168.6.154
    I want to divide these IP range in multiple scope for each department.
    Eg:
    192.168.6.1 - 192.168.6.25 exclude for Servers
    dynamic
    192.168.6.26 - 192.168.6.50 for IT
    192.168.6.51 - 192.168.6.80 for Marketing
    192.168.6.90 - 192.168.6.153 for Content

    I want to separate scope for each dept. to manage them easily.
    Can it possible ?
    kindly help

  • #2
    Re: Multiscope DHCP

    DHCP doesn't have any notion of "compartmentilization" or "departmentilization". It doesn't know and doesn't care whether the computer or server is a "member" of a particular department or not. I see two ways of doing this:

    1. Create reservations for each computer and server so that it gets an ip address in the appropriate "portion" of the scope. This dfeats the purpose of DHCP and isn't something that I would do.

    2. Create switch VLAN's for each "department" and create a DHCP scope for each VLAN. You'll need a router that can route traffic between the VLAN's and you'll need to configure the computers and servers in each department to use a different ip address range. Then create a DHCP scope for each department/ip address range and configure the router as a DHCP relay agent.

    What is your reasoning behind wanting to do this?

    Comment


    • #3
      Re: Multiscope DHCP

      Thanks for the tips, I will try it.
      I just want that the particular dept. user will get the limited range IP that will be reserved for them.

      I want to block facebook, skype etc for content dept users only.
      some limited function for Marketing & finance users
      For IT users allow everything etc..

      If I use static IP, it will be easy to do this through ISA.
      But through dynamical IP it's not easy.

      Comment


      • #4
        Re: Multiscope DHCP

        Trough ISA it's easy to do it as well, as long as you use security groups and authentication.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Multiscope DHCP

          Originally posted by Dumber View Post
          Trough ISA it's easy to do it as well, as long as you use security groups and authentication.
          Dear Friend,

          I think ISA work on IP & MAC.
          with out static IP or DHCP can you explain me an example or a little brief how it's possible.
          Any type of help will be appreciated.

          Comment


          • #6
            Re: Multiscope DHCP

            No, ISA can authenticate against AD. No problem with that at all.

            Google for ISA authentication, for example.

            http://www.websense.com/content/supp...auth_chap.aspx
            http://technet.microsoft.com/en-us/l.../bb794722.aspx
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: Multiscope DHCP

              Thanks Sir

              It helps a lot

              Comment

              Working...
              X