No announcement yet.

Prevent IP from DHCP

  • Filter
  • Time
  • Show
Clear All
new posts

  • Prevent IP from DHCP

    How can I prevent PCs/Laptops from plugging into my available ports and gaining a IP from DHCP.

    I'm sure I cannot stop them from getting the IP but is it possible to have a match list which gives correct IPs DNS, Gateway, Time Server, etc.... to clients (MAC addresses in the list) and give complete rubbish to clients not in the list.

    Simple Q.? I need to prevent Joe Public from plugging into my network and getting valid IPs.

    Many thanks in advance for any help

  • #2
    Re: Prevent IP from DHCP

    Your scope could only have enough spaces for the mac addresses you put in (I guess this would work) but you would probably be better getting a decent switch and only allowing certain mac addresses to connect through the ports.

    Please read this before you post:

    Quis custodiet ipsos custodes?


    • #3
      Re: Prevent IP from DHCP

      It can be done using reservations. Set the scope equal to the number of computers allowed to have a IP address. Set up a reservation for each computer for an ip address within that scope. A lot of administrative burdom but it works.

      Yet there are far more (expensive) better sollution available.
      Like angy said, a proper switch could do the same.

      Another cheap sollution could be to place a firewall in between and allow only the configured mac's to pass trough. There are some freeware linux based firewall's available.
      Set-Location Malibu Beach



      • #4
        Re: Prevent IP from DHCP

        The only problem with that is that a scope can not be expanded so when you need to add a new address for a new company computer you have to recreate the scope from scratch.


        • #5
          Re: Prevent IP from DHCP

          I know this is a daft Question, but....

          If I was to have a IP range of x.x.x.1 --> 30 but needed to keep 1 -->10 for any new servers could I reserve 1,2,3...10 with DUD mac addresses and this would still prevent users for getting these IPs.

          I would then fill the reservation scope with all the rest of the LAN users and not have any other available IPs.

          Haven't yet tried this but will it work.....


          • #6
            Re: Prevent IP from DHCP

            it would work, but you can use exclusions to do this. Also there is nothing stopping you configuring a scope of which would give you a theoretical range of to - but only allocating a range for distribution of to

            In your case you could make your "range for distribution" x.x.x.11 to x.x.x.30 - the bottom ten IP addresses would never be issued because they're outside the range for distribution.

            Don't forget the "Scope" is simply all the addresses which are available to be allocated; you can allocate a range (or a number of ranges) of addresses WITHIN that scope to be issued to clients - you can also exclude single addresses or a range of addresses from the available total.

            For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

            Anything you say will be misquoted and used against you