> The question is : when we have a LAN,and each of the pc in the LAN gets its
> IP address from a DHCP server.How can I
> setup the IP address for the Firewall? And how can I setup the IP-Filter in
> the Firewall,since the pc's IP address is dynamic?
If you are asking how to to block based on the PC ip address if using dhcp
dhcp does not have to be dynamic
assign ip baised on the ethernet hardware address these are your exceptions
use pool for the rest
to get hardware ethernet on a windows 95/98 machine (without opening it)
start run winipcfg
adapter address is it
most cards have it printed right on the card
from my dhcpd.conf file
do this for the exceptions
host ares {
hardware ethernet 00:00:00:00:00:00;
fixed-address 192.168.1.4;
}
do this for the rest
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.200;
remember that until the dhcpd.conf is updated that all users will have default
rules applied to them and when new machines come in or nic are replaced to
update
remember that many new nics have assignable hardware ethernet addresses /
adapter addresses
idea if you have too many machines to visit each one
install dchpd server /firewall machine
filter out only dhcp trafic on external interface
connect hub to internal interface
connect dhcp clients to hub
this will work if they already getting their address through dhcp and if you
can give everyone on a hub the same privileges
remember to include a default gateway in your dhcpd.conf. it would be your
dhcpd server/firewall machine.
for each different level of privileges you would need another hub & router
combo
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
