I think Andy means, "how do I stop people who set a static IP on the same subnet as my network from getting on the network?"
The short answer is that you can't do that easily. Internal network traffic does not pass through the pfSense and cannot be stopped by it. You may be able to prevent internet access (or access to other network segments) by programmatically creating an alias built from the DHCP client table. I don't know how easy that is in practice but that is what I might do. Moshe ------------------------------ Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Tue, Mar 1, 2011 at 6:49 PM, Cole Devitt <cdev...@gotoworkonenw.com>wrote: > If a computer doesn't pick up a DHCP address I believe it gets an APIPA > address, a 169.192 address if I recall right. With an apipa address the > computer wouldn't be able to do much of anything anyways as the subnet is > different and there isnt a gateway to my knowledge, so a standard setup of a > DHCP server and client machines sounds like what you want no? > > If a computer isn't receiving a DHCP address from your pfsense then you > have a configuration issue, or your scope is too small (not set to give out > enough addresses), or there is a physical problem somewhere in your network. > > On Mar 1, 2011, at 5:40 PM, "Andy Graybeal" <andy.grayb...@casanueva.com> > wrote: > > > Hi, > > I would like every machine on my network to get it's address from > > PFSense's DHCP server. > > > > If it doesn't receive an address from the DHCP server (if they pick some > > arbitrary address on the same subnet) how do I dis-allow them access to > > network services? > > > > Does this make any sense to do this? Does this make sense to not do > this? > > > > -Andy > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
