Restrict users that assign ip address manually



We have ChackPoint NGX firewall, and MetaIP as DHCP server.
We have to problems that we can't solve.
1. Users that assign a static ip manually to a computer can gain access
through firewall. So we want to restrict computers which have ip that
is not assigned by DHCP. And configure DHCP to gave ip address reserved
to MAC Address. If possible we want to restrict all network activity of
the computer which have an ip not assigned from dhcp. We have managable
hp procurve switches.
2. MetaIP is configured to give ip address according to mac address,
but when a computer assign a static ip manually and then configure the
computer to take the ip address automatically, MetaIP still gaves it
the manually assigned ip address not the one reserved to its mac
address.

.



Relevant Pages

  • Re: Jumpstart w/ DHCP problems (req for working capture)
    ... Can boot netraX client using rarp. ... We use MetaIP for enterprise IP mgt. ... > Client boot using dhcp not working w/ option 43's as configured. ...
    (comp.unix.solaris)
  • Re: Preventing DHCP from allocating IPs
    ... Each segment is physically separate with a Linux ... unknown MAC addresses firstly don't get a DHCP ... >> wants access to your network, they will have to come to you to obtain ...
    (Security-Basics)
  • Re: Secure your DHCP
    ... I can only think of allocating via dhcp reservation using network card ... Create an exclusion of your whole DHCP scope (So no IP's are free to be ... assign each mac address an Ip address from what was in your pool. ...
    (microsoft.public.windows.server.sbs)
  • Re: static IP addresses on LAN
    ... One Mac is an intel iMac, ... it is connected to the network and internet... ... If I instead configure it to use DHCP, then it gets assigned the wrong IP ... The other possibility is that you have more than 1 router. ...
    (comp.sys.mac.system)
  • Re: works on desk computer but not on wireless laptop
    ... RARP server, the DHCP server, or manually? ... So I chose that and now it wants to know the DHCP Client ID. ... And a 12 character number like a Mac ID. ... The OEM computer MAC address is the same as the DHCP ...
    (alt.internet.wireless)