• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Allow internet to DHCP assigned computers only

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Allow internet to DHCP assigned computers only Page: [1]
Login
Message << Older Topic   Newer Topic >>
Allow internet to DHCP assigned computers only - 11.Nov.2009 3:17:49 PM   
munirg2003

 

Posts: 1
Joined: 20.Jun.2006
Status: offline 		Hi there!

I have very interesting situation in my network.
I have ISA 2004 server with DHCP server service enabled machine.
My goal is to securing un-authorized access to internet in my LAN.

I have configured DHCP reservations mapped with client MAC addresses so that ip is assigned to those machines whose MAC is matched. Its working fine.

I have enabled Integrated Authentication Method in ISA server 2004 so that users without domain user name and password cannot access internet. Its also working perfectly.

I have made a policy rule which allows internet to only IPs listed in that rule. This working good too.

Now a user whose machine is configured to obtain DHCP ip, domain is configured and was given a user name & password to access internet, knows DHCP IP and Password and even proxy settings and hence using internet very fine.

Suppose he installs fresh OS on the same machine with same NIC and now he has local administrator rights. He manually configures the IP address he already been using and uses user name and password and proxy setting, wonderfully the internet is granted and he is using internet again.

What my question is! Is there any way especially in my type of environment that the machines which are manually assigned IPs may not be granted internet access? Or  In other words, only machines that are assigned IP through DHCP server are allowed to use internet.


Best Regards
Munir
Post #: 1
RE: Allow internet to DHCP assigned computers only - 12.Nov.2009 6:45:01 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline 		Configure all Internet access rules to restict the source as the range of IP addresses used specifically for DHCP reservations?

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to munirg2003)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Allow internet to DHCP assigned computers only Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts