On 29 November 2010 14:18, stephen at stephenjc <step...@stephenjc.com> wrote: > I was under the impression that pfsense was layer 3 software. Imo, I don't > think it should be dealing with layer 2. You can always use a switch with > port security.
But as Gerald has pointed out; On 29 November 2010 10:18, Gerald A <geraldabli...@gmail.com> wrote: > It really isn't that useful, since spoofing a MAC address is fairly trivial. So, I guess not. To be honest I don't think its a bad idea. On 29 November 2010 13:21, Vick Khera <vi...@khera.org> wrote: > So you have a security feature that works, except when it doesn't. > The problem is there is no way to tell when it is not working, so how > do you "deal with it then"? How do you tell when it is the actual user who owns the user accounts that is accessing it? You can't what every user log on and off? Seems like a rhetorical question to me? Also Gerald you suggested it would be easy to bypass. For you, I imagine a cryptographer wouldn't have such luck but would kick my butt at getting into our VPN...We all know no system is impenetrable but we make it as tough as we can. I think its a good idea if its another thing to toughen the system. -- Regards, James. http://www.jamesbensley.co.cc/ There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...? --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org