Only allow domain members access to network

Hi

We have a 2003 server network, with 2 domain controllers running DHCP/DNS
etc...

Is there any way we can lock our network so only clients that are members of
the domain are able to gain access the network? Currently people are able to
plug laptops in and get an ip address which is obviously a potential
security hole for us that i'm wanting to plug.

Any advice would be appreciated.

Thanks

Richard

"Richard" <rcowell%nospam%@britainusa.com> wrote in message
news:%(E-Mail Removed)...
> Hi
>
> We have a 2003 server network, with 2 domain controllers running DHCP/DNS
> etc...
>
> Is there any way we can lock our network so only clients that are members
of
> the domain are able to gain access the network? Currently people are able
to
> plug laptops in and get an ip address which is obviously a potential
> security hole for us that i'm wanting to plug.
>
> Any advice would be appreciated.
>
> Thanks
>
> Richard
>
>

Manually assign your Local IP addresses and switch off your DHCP server?

Just an idea.

John..

I'm really looking for something more secure so someone can't bring their
laptop in from home for example, copy the ip settings off their work pc and
plug it into the network.

Rich

>
> Manually assign your Local IP addresses and switch off your DHCP server?
>
> Just an idea.
>
> John..
>
>

Look into Certificate based port authentication using Radius or something of
the like.

Matt Gibson - GSEC

802.1x port authentication.

"Richard" <rcowell%nospam%@britainusa.com> wrote in message
news:%(E-Mail Removed)...
> Hi
>
> We have a 2003 server network, with 2 domain controllers running DHCP/DNS
> etc...
>
> Is there any way we can lock our network so only clients that are members
of
> the domain are able to gain access the network? Currently people are able
to
> plug laptops in and get an ip address which is obviously a potential
> security hole for us that i'm wanting to plug.
>
> Any advice would be appreciated.
>
> Thanks
>
> Richard
>
>

Thanks. I've been watching this too because this is not an uncommon
request. Where do I go to set 802.1x port authentication?

-Frank

"Neteng" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> 802.1x port authentication.
>
> "Richard" <rcowell%nospam%@britainusa.com> wrote in message
> news:%(E-Mail Removed)...
>> Hi
>>
>> We have a 2003 server network, with 2 domain controllers running DHCP/DNS
>> etc...
>>
>> Is there any way we can lock our network so only clients that are members
> of
>> the domain are able to gain access the network? Currently people are able
> to
>> plug laptops in and get an ip address which is obviously a potential
>> security hole for us that i'm wanting to plug.
>>
>> Any advice would be appreciated.
>>
>> Thanks
>>
>> Richard
>>
>>
>
>

You set that on the switch itself.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights


"Frankster" <(E-Mail Removed)> wrote in message
news:d5WdnVAS8sTPEJ7eRVn-(E-Mail Removed)...
Thanks. I've been watching this too because this is not an uncommon
request. Where do I go to set 802.1x port authentication?

-Frank

Oh crimeny! You mean you have to have one of those expensive managed
switches to exercise port authentication? Drats! True?

-Frank

"Todd J Heron" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> You set that on the switch itself.
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
> ----------------------------------------------------------------------------
> This posting is provided "as is" with no warranties and confers no rights
>
>
> "Frankster" <(E-Mail Removed)> wrote in message
> news:d5WdnVAS8sTPEJ7eRVn-(E-Mail Removed)...
> Thanks. I've been watching this too because this is not an uncommon
> request. Where do I go to set 802.1x port authentication?
>
> -Frank
>

True

"Frankster" <(E-Mail Removed)> wrote in message
news:Jt6dnecUqJVampneRVn-(E-Mail Removed)...
> Oh crimeny! You mean you have to have one of those expensive managed
> switches to exercise port authentication? Drats! True?
>
> -Frank
>
> "Todd J Heron" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > You set that on the switch itself.
> >
> > --
> > Todd J Heron, MCSE
> > Windows Server 2003/2000/NT; CCA
>
> --------------------------------------------------------------------------
--
> > This posting is provided "as is" with no warranties and confers no
rights
> >
> >
> > "Frankster" <(E-Mail Removed)> wrote in message
> > news:d5WdnVAS8sTPEJ7eRVn-(E-Mail Removed)...
> > Thanks. I've been watching this too because this is not an uncommon
> > request. Where do I go to set 802.1x port authentication?
> >
> > -Frank
> >
>
>