Is there any way that I can block MAC addresses using DHCP server or other third part software?
Is there any way that I can block MAC addresses using DHCP server or other third part software? I can't do this with Cisco devices (switches). We have some college students that need to be blocked and we provide just IP address through our DHCP server.
The easiest way I can think is to use DHCP with
Static mappings. This can be done by only assigning IP addresses to known MAC addresses and not allowing logins from IP address outside that dhcp pool. This will make it difficult for the average user to logon to your network. You can use any advanced IP Scanner to scan your network and determine the MAC's corresponding to every IP along with other relevant information like: NetBios info, User Id etc. The other option is to lock down switch ports to the known MAC's. Depending on your network device, you may be able to block all unknown MAC addresses from talking to any other systems on your LAN.
You can also use some kind of DHCP client/Host registration process whereby the registered hosts (Known MAC addresses) get the IP addresses just fine while the unregistered clients need to go through a host registration process before getting an IP address from the DHCP server.
Here's a link to Cornell's computing site for more information on Registration process. http://www.cit.cornell.edu/computer/support/dhcp/usingdhcp.html
This was first published in October 2003