Yeah, that's what I thought... damn
The filtering box can use radius accounting packets but our firewall
doesn't support them, and that was the main way of doing the filtering
levels. Oh, and it's the guys that make the filtering box that have
suggested this new idea of different logical subnets.
The only way that I can see would be ip reservations, and I really dont
want to do that. Too much Admin if computers get moved around. At the
moment some people (management) get static IP addresses and I'm trying to
get them to accept that there is no need for that.
VLANS are an option, but not one I want to go down right now, as I'm not
really knowledgable in that area yet. And I'm not sure how the whole thing
would work... :-)
And it's still an NT4 domain at the moment, so GPO's are out too...
Thanks for the info Kevin. More reading needed for me I think... :-)
Cheers
G.
"Flanagan,
Kevin" To: "NT System Admin Issues"
<KFlanagan@BBa <[EMAIL PROTECTED]>
ndT.com> cc:
Subject: RE: Multiple subnets controlled
through DHCP
24/09/2001
16:47
Please respond
to "NT System
Admin Issues"
There's a few things you can do, but subnets aren't among them in your flat
network. DHCP can only assign addresses on subnets that exist, you have
one.
How many clients? If you have a small # you could do reservations that are
in groups, then do the rules based on the ranges you assign.
If you did VLANS you could have a scope for each one, then just change
VLANS
when you want to adjust things. Without them you are fairly limited.
Could
you do GPOs based on computername/userid for your "filters"?
Good luck,
Kevin
+-------------------------------------------------------------------+
Kevin Flanagan
C/S Planning Engineer III
I/T Implementation Department
Branch Banking & Trust Company
3261 Atlantic Avenue, Suite 116
MC: 172-85-01-00
Raleigh, NC 27604
Voice: 919-716-6209
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 11:17 AM
To: NT System Admin Issues
Subject: Multiple subnets controlled through DHCP
Hey Guys,
I've been told that DHCP can be made to assign differnet subnets of ip
addresses to clients (somehow - some group membership maybe?) so that we
will have some 'virtual' subnets in our network. All very strange and new
to
me - any ideas out there?
Here's the scenario (in case you need more information):
We have an NT network, but are slowly moving towards Win2K - and for that
purpose, we have a Win2K DHCP server. We also have a box that does our
Internet Filtering, and this can be configured to give different levels of
filtering to different 'subnets'. So the idea is to have DHCP assign the
different IP addresses to the different groups of people and thus the
different filtering rules will apply... (how many times can you use the
work
different ...)
Any ideas most welcome...
Oh, we have a flat, non-routed domain, running mainly off one switch and a
bunch of hubs, and dont want to us VLANS...
Cheers
Gerald
= = =
Gerald Masters
Network Administrator
Kingston Technology Europe Ltd
Sunbury-on-Thames
UK
= = =
e: [EMAIL PROTECTED]
w: www.kingston.com/europe
"This email and any attachments is intended for the addressee only. It may
contain confidential, proprietary or legally privileged information and any
views or opinions presented are solely those of the author. If you are not
the addressee you have received this e-mail in error. Please notify the
sender by return e-mail and then destroy it. If you have received this
e-mail in error, copying, printing, forwarding or dissemination of this
e-mail is strictly prohibited. We virus scan all e-mails but are not
responsible for any damage caused by a virus or alteration by a third party
after it is sent.
Website: http://www.kingston.com/europe
Registered in England, No: 3643195 VAT No: GB 720 5258 60"
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
