Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 2 subscribers
  • Views 7678 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is it possible to Whitelist specific LAN IP addresses?

snaketek
This might seem like a total noob question, but I am having a difficult time finding the area where I can designate a whitelist of IP addresses for the LAN.

Basically, I am wanting to prevent anyone from plugging into the network and keying in any IP address in range and getting on the network. I want to be able to allow only a specific set of IP Addresses for the LAN side.

Any help would be much appreciated.


This thread was automatically locked due to age.
Parents
  • 0
    Don't use the built-in Internal(network) definition to define accesses in the packet filter and proxies.  Instead make a custom network definition for only the IP's which you want and use that instead.

    If you also want to block connectivity within the LAN, if you have a decent managed switch, you can lock down individual ports to only accept connection from a specific mac address. 

    This sort of thing has long been the bane of network admins....rogue DHCP servers and people bringing unauthorized equipment into a network.  While blocking accesses is fine, it is only treating the symptom.  You need to work with management to define a company policy, disallowing this activity.  Once that is done and the staff is informed, you must make certain that the policy is strictly enforced.
  • 0 in reply to Scott_Klassen
    This solution makes sense, thank you! Would I do the same type of thing if I wanted to use MAC filtering as well?
Reply Children
No Data