Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Trusted MAC Addresses List
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Trusted MAC Addresses List - 5.Apr.2006 10:12:54 AM
|
|
|
mas0h
Posts: 2
Joined: 5.Apr.2006
Status: offline
|
Hi, everyone
this my first post here.
i've searched for any add-on for ISA 2004 to restrict internet access to certain group of users with MAC address authentication.
and finally, i found what i'm looking for.
actually, it is not an add-on for ISA itself, but a separate FIREWALL called VisNetic
http://www.deerfield.com/products/visnetic-firewall/
now by this firewall, i can do the job without interfering ISA 2004 functionaliy.
simply allow all connectivity from your gateway (ISA server) to the trusted MAC addresses list and let the ISA server do the rest of filtering job.
i hope that's helpful for you.
greetings to all of you, and keep up the good work.
|
|
|
|
|
RE: Trusted MAC Addresses List - 6.Apr.2006 7:55:09 PM
|
|
|
mas0h
Posts: 2
Joined: 5.Apr.2006
Status: offline
|
quote:
ORIGINAL: tshinder
Do you install this on the ISA firewall?
Yes i do install this on the ISA machine itself.
Basically, do youR usual filtering rules with ISA, then set a rule(TCP, UDP.... etc) in VisNetic firewall to allow all traffic through the internal NIC, but only for trusted MAC list, which you have created before.
So, when a request to internet access comes from one of your LAN computers and the ISA server grant it permission to pass, it doesn't pass directly to the internet
and here comes the part of VisNetic firewall which check the souce and the distination MAC addresses, and then allow or deny it according to your rules :).
and sure you can block a single specific MAC or a group of MACs.
finaly, if anyone need hints in this i'll be watching this thread and offering help cuz i do believe there is no resources concerning this issue on windows platform (not Linux for sure) all over the internet (at least for me :D)
thank you all
< Message edited by mas0h -- 6.Apr.2006 7:56:40 PM >
|
|
|
|
|
RE: Trusted MAC Addresses List - 22.Jun.2006 10:27:48 AM
|
|
|
aqib khan
Posts: 231
Joined: 12.Aug.2004
From: pakistan
Status: offline
|
thanks for this update information,
you can also block MAC address by using Sygate Personal Firewall, i m using this since 2 years, having no problem.
so i'll also try ur updated information
|
|
|
|
|
RE: Trusted MAC Addresses List - 8.Jan.2007 2:27:34 AM
|
|
|
z_haseeb
Posts: 183
Joined: 15.Jun.2005
From: Karachi,Pakistan
Status: offline
|
HI dear friend.....
ITs easy to change MAC ADDRESS. We can get the MAC addresses from any scanning tool or by arp -a and apply it(any MAC adresses) in our NIC card.....
have you any updated idea regarding you own solution..
thanks....
|
|
|
|
|
RE: Trusted MAC Addresses List - 26.Apr.2007 11:46:25 AM
|
|
|
Jim Harrison
Posts: 232
Joined: 5.May2001
From: Redmond, WA
Status: offline
|
Good luck with this idea.
1. MAC spoofing absurdly easy
2. MAC filtering is not "authentication", in any accepted definition.
3. This is a complete waste in a routed network.
4. when (not if) yo have problems with ISA behavior, PSS will tell (not ask) you to remove this.
_____________________________
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
My ISAServer.org Stuff
My Site
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
RE: Trusted MAC Addresses List - 
Thanks man i will ry those 2 Software then back to u telling if i had more Questions or not. 
Yeah Pal i heared alot about that software -- Sygate Personal Firewall - but could get my self one. 