Problem solve Get help with specific problems with your technologies, process and projects.

Is there any way that I can block MAC addresses using DHCP server or other third part software?

Is there any way that I can block MAC addresses using DHCP server or other third part software? I can't do this...

with Cisco devices (switches). We have some college students that need to be blocked and we provide just IP address through our DHCP server. The easiest way I can think is to use DHCP with Static mappings. This can be done by only assigning IP addresses to known MAC addresses and not allowing logins from IP address outside that dhcp pool. This will make it difficult for the average user to logon to your network. You can use any advanced IP Scanner to scan your network and determine the MAC's corresponding to every IP along with other relevant information like: NetBios info, User Id etc. The other option is to lock down switch ports to the known MAC's. Depending on your network device, you may be able to block all unknown MAC addresses from talking to any other systems on your LAN.

You can also use some kind of DHCP client/Host registration process whereby the registered hosts (Known MAC addresses) get the IP addresses just fine while the unregistered clients need to go through a host registration process before getting an IP address from the DHCP server. Here's a link to Cornell's computing site for more information on Registration process. http://www.cit.cornell.edu/computer/support/dhcp/usingdhcp.html

This was last published in October 2003

Dig Deeper on Network Security Monitoring and Analysis

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.