Firewall Wizards mailing list archives
Re: user based IP address assginment
From: Cliff Skolnick <cliff () steam com>
Date: Sat, 4 Nov 2000 17:19:11 -0800 (PST)
How about using VPN technology (even RAS will do the trick). You get assigned a private IP address via DHCP, then when you authenticate to the VPN solution you get your real IP address and access to the real network? The downside to this that comes to mind is performance loss. Run some tests to make sure the performance loss is acceptable for you before rolling this out. Sure this will use a few more CPU cycles so it may require some more hardware, but you will get something that is less hackish and you can even call for support. VPN solutions can also keep good logs, so you may get report generation capability as a bonus. Cliff On Thu, 2 Nov 2000, daN. wrote:
There is a way to do this but its kind of a pain. 1. Machine gets turned on. 2. gets assigned a non addressable IP via DHCP (different subnet if you are already behind a nat) 3. user goes to a webserver also on the non addressable network and enters username/password 4. executes a php script to take the MAC address out of the communications and modify dhcpd.conf to add a reservation for the newly logged in machine. 5. user runs winipcfg and hits release all/renew all. gets assigned the reserved IP now on the local network. This doesn't add any security to your network because a user can always set their IP address manually . mutated At 10:16 AM 10/31/00 -0800, David Lang wrote:the problem is that the machine needs to be up on the network before a user logs into it. the metaIP product can change the name (wins and DNS) of the machine based on who logs into it, but the IP address gets assigned when the machine boots so by the time someone logs in it is to late. David Lang On Mon, 30 Oct 2000, GS wrote:Date: Mon, 30 Oct 2000 19:42:46 +0100 From: GS <eor () gmx net> To: firewall-wizards () nfr com Subject: [fw-wiz] user based IP address assginment Hi, is there any Tool or any way to assgin an IP address depending on theUserID?The only thing i found on my research is META IP (by CheckPoint). But as far is i understand the concept of META IP, a firewall, or aservicemust use the UAM service to auth. a user, so only the other checkpoint products will work? And, a user gets a "random" ip out of his subnet ip pool. What i want to do is to "hard-wire" an IP to an User! (_not_ to a machine). The platform can be WinNT 4/5 or Netware 4/5. Thank you in advance, Gregor Stefka edv-anwendungsberatung gmbh _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
-- | Cliff Skolnick | "They that can give up essential liberty to | | Steam Tunnel Operations | obtain a little temporary safety deserve | | cliff () steam com | neither liberty nor safety." | | http://www.steam.com/ | -- Benjamin Franklin, 1759 | _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- user based IP address assginment GS (Oct 31)
- Re: user based IP address assginment David Lang (Nov 02)
- Re: user based IP address assginment Luca Berra (Nov 02)
- Re: user based IP address assginment Tamas FORJAN (Nov 05)
- Message not available
- Re: user based IP address assginment daN. (Nov 05)
- Re: user based IP address assginment Cliff Skolnick (Nov 06)
- Re: user based IP address assginment daN. (Nov 05)
- <Possible follow-ups>
- Re: user based IP address assginment Jeffery . Gieser (Nov 02)
- Re: user based IP address assginment John Adams (Nov 05)
- RE: user based IP address assginment Mills, Craig (Nov 05)
- RE: user based IP address assginment David Ashwood (Nov 05)
- Re: user based IP address assginment Daniel Julien (Nov 05)
- Re: user based IP address assginment Omar Fahnbulleh (Nov 06)