1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

DHCP Question

Discussion in 'Windows Home Server' started by Kate Townsend, Oct 2, 2009.

  1. Kate Townsend

    Kate Townsend Guest

    Our network is running Microsoft Server 2003 R2 Standard Edition SP2. We
    have DHCP enabled on our domain controller to hand out IP addresses.

    We frequently have outside companies come into our office and they need
    Internet connectivity. While we always have a Comcast line availalbe, many
    times these external users use our LAN line and get an IP from our DHCP
    server, so they have access to our network. Is there someway we can
    configure DHCP to only hand out addresses to those computers on our domain
    (possibly using our FQDN with a wildcard as the client name --
    *.mydomain.com) and prevent outside users from accessing our network?

    Thank you in advance for your help,.
     
    Kate Townsend, Oct 2, 2009
    #1
  3. AllenM

    AllenM Guest

    I used to have the same issues when vendors and or clients would come into
    the office and require internet access. I really did not like having to
    change their network settings all the time and then making sure they change
    it back. So I hooked up a wirelss outside my network and this resolved
    everything. No changes needed to be made to the laptop and network settings.
    all they had to do was search for wireless and connect to ours with a
    provided WPA key. Works great for me and also allows me to use my own laptop
    for wireless external access used for testing remote connectivity issues.


    "Kate Townsend" <townsend@nccn.org> wrote in message
    news:eWtSfj4QKHA.4568@TK2MSFTNGP06.phx.gbl...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Our network is running Microsoft Server 2003 R2 Standard Edition SP2. We
    > have DHCP enabled on our domain controller to hand out IP addresses.
    >
    > We frequently have outside companies come into our office and they need
    > Internet connectivity. While we always have a Comcast line availalbe,
    > many times these external users use our LAN line and get an IP from our
    > DHCP server, so they have access to our network. Is there someway we can
    > configure DHCP to only hand out addresses to those computers on our domain
    > (possibly using our FQDN with a wildcard as the client name --
    > *.mydomain.com) and prevent outside users from accessing our network?
    >
    > Thank you in advance for your help,.
    > <!--colorc--><!--/colorc-->
     
    AllenM, Oct 2, 2009
    #2
  4. Phillip Windell

    Phillip Windell Guest

    Don't leave unused network jacks "hot".
    Unplug them at the PatchPanel or Switch.
    Then there is nothing for them to plug into is all the empty network jacks
    are dead.


    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------


    "Kate Townsend" <townsend@nccn.org> wrote in message
    news:eWtSfj4QKHA.4568@TK2MSFTNGP06.phx.gbl...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Our network is running Microsoft Server 2003 R2 Standard Edition SP2. We
    > have DHCP enabled on our domain controller to hand out IP addresses.
    >
    > We frequently have outside companies come into our office and they need
    > Internet connectivity. While we always have a Comcast line availalbe,
    > many times these external users use our LAN line and get an IP from our
    > DHCP server, so they have access to our network. Is there someway we can
    > configure DHCP to only hand out addresses to those computers on our domain
    > (possibly using our FQDN with a wildcard as the client name --
    > *.mydomain.com) and prevent outside users from accessing our network?
    >
    > Thank you in advance for your help,.
    > <!--colorc--><!--/colorc-->
     
    Phillip Windell, Oct 2, 2009
    #3
  5. Leythos

    Leythos Guest

    In article <eWtSfj4QKHA.4568@TK2MSFTNGP06.phx.gbl>, townsend@nccn.org
    says...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    >
    > We frequently have outside companies come into our office and they need
    > Internet connectivity. While we always have a Comcast line availalbe, many
    > times these external users use our LAN line and get an IP from our DHCP
    > server, so they have access to our network. Is there someway we can
    > configure DHCP to only hand out addresses to those computers on our domain
    > (possibly using our FQDN with a wildcard as the client name --
    > *.mydomain.com) and prevent outside users from accessing our network?
    > <!--colorc--><!--/colorc-->

    Guests should be on a different Wireless access device, so they are not
    on your network at all. Either put them in a DMZ area, since some
    firewalls have more than one DMZ (and I'm not talking about the FAKE DMZ
    you find in linksys/home NAT routers), setup rules for HTTP/HTTPS and
    DNS, possibly SMTP and FTP and RD, and only give them the key to your
    GUEST wireless network.

    Never allow an unmanaged decice on your LOCAL network.

    --
    You can't trust your best friends, your five senses, only the little
    voice inside you that most civilians don't even hear -- Listen to that.
    Trust yourself.
    spam999free@rrohio.com (remove 999 for proper email address)
     
    Leythos, Oct 2, 2009
    #4
  6. AllenM

    AllenM Guest

    My wireless router is in my DMZ thus keeping outsiders off my internal
    network.

    "Leythos" <spam999free@rrohio.com> wrote in message
    news:MPG.25305d4ac6d9e939989f14@us.news.astraweb.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > In article <eWtSfj4QKHA.4568@TK2MSFTNGP06.phx.gbl>, townsend@nccn.org
    > says...<!--coloro:green--><span style="color:green <!--/coloro-->
    >>
    >> We frequently have outside companies come into our office and they need
    >> Internet connectivity. While we always have a Comcast line availalbe,
    >> many
    >> times these external users use our LAN line and get an IP from our DHCP
    >> server, so they have access to our network. Is there someway we can
    >> configure DHCP to only hand out addresses to those computers on our
    >> domain
    >> (possibly using our FQDN with a wildcard as the client name --
    >> *.mydomain.com) and prevent outside users from accessing our network?
    >><!--colorc--><!--/colorc-->
    >
    > Guests should be on a different Wireless access device, so they are not
    > on your network at all. Either put them in a DMZ area, since some
    > firewalls have more than one DMZ (and I'm not talking about the FAKE DMZ
    > you find in linksys/home NAT routers), setup rules for HTTP/HTTPS and
    > DNS, possibly SMTP and FTP and RD, and only give them the key to your
    > GUEST wireless network.
    >
    > Never allow an unmanaged decice on your LOCAL network.
    >
    > --
    > You can't trust your best friends, your five senses, only the little
    > voice inside you that most civilians don't even hear -- Listen to that.
    > Trust yourself.
    > spam999free@rrohio.com (remove 999 for proper email address) <!--colorc--><!--/colorc-->
     
    AllenM, Oct 5, 2009
    #5

Share This Page