MAC Access Control List
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: MAC Access Control List

  1. #1
    Junior Member
    Join Date
    May 2004
    Posts
    3

    MAC Access Control List

    I'm trying to implement a MAC Access Control List on our Microsoft LAN.
    Can anyone point me in the right direction?

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    What kind of hardware do you use? Specifically, your managed switches.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Junior Member
    Join Date
    May 2004
    Posts
    3
    In our LAN, we're only using unmanaged switches, is there a way to accomplish this via the domain controller w/ dhcp??

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Then you need to buy some managed switches.

    And to your second question, no, no way that can't be easily bypassed. *cough* static address *cough*
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    could u give us detail about "where" and "why" u want to establish that security? It will be wellcome to allow us to help u.
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  6. #6
    Junior Member
    Join Date
    May 2004
    Posts
    3
    We're a small startup company we have quite a few people coming in just plugging their laptops into our network. I would like to only authorize people who have their macs on our access control list to be able to get an IP address and connectivity.
    Unfortunately we don't have the money to buy a managed switch right now.

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Have you checked out the NetReg Software? We have it implemented here for ITD students running laptops. You have a username and password and plug in your laptop and if it's an unknown MAC address it asks you to login, however each user can only register one PC on the network. It's quite handy software and probably fairly close to what you are looking for. You can check it out @ http://www.netreg.org/

    Overview

    NetReg is an automated system that requires an unknown DHCP client to register their hardware before gaining full network access. Through a simple web interface, the client is prompted for their user identification. Powerful scripts then retrieve the client's network fingerprint and store it along with the user's information in a database. The database provides administrators with real-time information for troubleshooting and auditing their networks. The entire system was developed utilizing unmodified, open-source servers and in-house developed CGI programs.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  8. #8
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    Get yourself a L2 type switch that allows you to configure ACLs based on MAC addresses.

    I personally recommend cisco 3550 switch. The 3550 supports L2 and L3 functionality, however for your application/requirement, the L2 is way to go......alot cheaper. I deployed about 500 of them in last 6 month for international bank and they work very nicely..

    If your looking for something cheaper, buy the lower model, either the Cisco 1900 or 2900 (although they are discontinued..Cisco no longer supports...works just as well) off Ebay..

    Good Luck,,

    P.S.
    Configuration is straight forward.. All documentation is available on Cisco web site.

  9. #9
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    Get yourself a L2 type switch that allows you to configure ACLs based on MAC addresses.

    I personally recommend cisco 3550 switch. The 3550 supports L2 and L3 functionality, however for your application/requirement, the L2 is way to go......alot cheaper. I deployed about 500 of them in last 6 month for international bank and they work very nicely..

    If your looking for something cheaper, buy the lower model, either the Cisco 1900 or 2900 (although they are discontinued..Cisco no longer supports...works just as well) off Ebay..

    Good Luck,,

    P.S.
    Configuration is straight forward.. All documentation is available on Cisco web site.

  10. #10
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    With these types of switches why not simply turn on port security?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •