On Mon, 3 Apr 2006 00:34:49 -0700 (PDT) Mark Jayson Alvarez <[EMAIL PROTECTED]> wrote:
> I am looking for ways to manage our LAN by having each user register > their ipaddress, mac address, workstation os, etc. in our ldap > directory. Now in our pcrouter, the users will first send his login > credentials to the pcrouter, and then the pcrouter will check against > ldap if this login is correct, and if it is, then it will now do an > ldapsearch/compare operation to see if the source address (ip/mac) of > the user trying to gain network access is indeed belongs to that > user. Only then, the ipfw ruleset will be changed to allow traffic > originating from this source address... Something like a captured portal for wireless? (is that what they were called? :D ) I like the idea though btw, why you will be trying to lock down by ip/mac... you need to make sure the users cant change this at their end... Why do the users set their own IP? dhcp.... I remember reading somewhere about authentication at the DHCP level... from memory, with managed switches and disabling the port via snmp (for a period) if there was something askew. B _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"