On Thu, Dec 11, 2008 at 7:14 PM, Jim Dandy <[email protected]> wrote: > Wow, isn't there an easier way? I have to assign a class to all 400 of > my machines just so I can keep one bad guy out?
I *think* you can do it by creating an exclusion for the "bad clients" range, and then creating the reservation for each "bad client". IIRC, reservations override exclusions. I know ISC DHCP works that way, more-or-less (terminology's different, but concept works). If not, dial your scope down in size so that the top end has just enough headroom for your bad clients. Create the reservations there, and there won't be any room left for the dynamic pool to grab addresses above that point. This would mean you'd have to adjust your scope size every time you increase/decrease the number of bad clients, but dem's the breaks. You could create reservations for bogus MAC addresses to help alleviate that. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
