This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Access List / Network Access Restrictions ?? IDEAS?

Question
0

Sign in to vote

I am trying to set up our network so only the computers that are currently active can have access. I want to restrict any outside computer from being able to access our network.

Now, I know if I had a Cisco Router, I could just make an Access List based off of MAC Addresses, but I don't. My company purchased Netgear switches/router and I don't understand how the ACL GUI really works so it's not an option. Plus, we have 3 switches and I don't want to find out which device goes to which switch.....

I have a Server which hosts DHCP (WIndows Server 2008 R2 Enterprise) and i am curious how I could setup DHCP to not lease anymore IP addresses. I was looking through NAP, but didn't see anything that would really help, I was thinking using NAP and having only computers with joined to our domain get an address, but couldn't find that template anywhere!

So, I just want to make it so the current computers/servers are the only ones which can access our network. I have all devices IP addresses and MAC addresses if you have any other suggestions/ideas. Please, can someone tell me how to either get DHCP to stop leasing or some other way?

Thanks in Advance!

Tuesday, March 13, 2012 5:41 PM

Answers

0

Sign in to vote
Hi,

Thanks for posting here.

> My company purchased Netgear switches/router and I don't understand how the ACL GUI really works so it's not an option. Plus, we have 3 switches and I don't want to find out which device goes to which switch.....

Are these network devices 802.1X capable ? if so the best way we do the restriction is deploying 802.1X authenticated networking with NPS/RADIUS service in Windows Server which will allows only authenticated computers or users (domain joined computer with domain account credentials or certificate that issued by AD PKI service) to access the network by enabling the port that it connects on network devices.

For the detail information please refer to the links below:

802.1X Authenticated Wired Access
http://technet.microsoft.com/en-us/library/cc753354(WS.10).aspx

802.1X Authenticated Wireless Access
http://technet.microsoft.com/en-us/library/cc771455(WS.10).aspx

Thanks.

Tiger Li

Tiger Li

TechNet Community Support
- Edited by Tiger LiMicrosoft employee Wednesday, March 14, 2012 6:27 AM
- Proposed as answer by Tiger LiMicrosoft employee Friday, March 16, 2012 7:14 AM
- Marked as answer by Tiger LiMicrosoft employee Monday, March 19, 2012 1:20 AM
Wednesday, March 14, 2012 6:26 AM