How do I block a MAC address on my network so that a PC with that particular MAC address cannot get any IP address from my DHCP server?
You can do it in two ways:
- If you know the number of PC's on your network, then force MAC binding in DHCP and limit the range of available IP's in your DHCP to the number of PC's on your network. This way there will be no free IP's available for the DHCP to assign to a new PC that comes online. Of course, you will have exclusion range for your servers configured already.
- The best solution is to use NAC -- a network access control product. The one that is available, free and works great is Packetfence. It's an open source distribution and does a lot more than just problem solve a DHCP. You can download this from the Sourceforge site.
This was first published in May 2007