|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
Allan M. Grafil
Guest
|
 Posted: Tue Mar 25, 2008 12:38 pm Post subject: Network Infrastructure |
 |
|
Hi Guys,
Hope Im in the right group.
Im in a stage of fixing my network. This is my current setup.
1. I have an active directory server, which is mydomain.com, wherein
also my DNS and DHCP is located.
2. My subnet is 255.255.255.0
This is my idea.
1. Have these servers: (Need suggestions on these)
a. AD Server with DNS Server - is this a good practice?
b. DHCP Server with ISA Server - is this a good practice?
Other concern:
I want my network to have access limitations. Here is a scenario.
1. In our network, only managers can use their laptop to access our
network and internet. It can be wired or wireless. Unauthorized laptop
should or must not access our network. But from the way the network was
setup, they can access it through wire. I can filter the wireless using MAC
Address filter from the routers. But if they connect through wire and know
how to config TCP/IP they can easily access our network. Can this be
avoided through ISA? Is there a way to filter MAC Address through Active
Directory?
Hope you can help me on this.
Thanks in advance.
Allan |
|
| Back to top |
|
 |
|
|
Bill Grant
Guest
|
| Posted: Tue Mar 25, 2008 12:38 pm Post subject: Re: Network Infrastructure |
|
|
I would put the DHCP server with the DNS server on a DC, rather than with
ISA.
I don't think that ISA server is what you need here. It is designed to
control how your LAN machines access the Internet, not what happens on the
LAN.
You appear to be searching for a way to control unauthorised access to
your LAN, but none of the methods you suggest will do that. DHCP is designed
to make it easier for machines to get on to the network, not make it harder.
The users would not need to know how to configure the tcp/ip settings. DHCP
would do it for them. That is what it is for!
There is no way to control this through Active Directory. DHCP is a very
simple minded process. The client machine broadcasts on the LAN and the DHCP
server replies with an offer. Active directory is not involved. Trying to
keep people off your network using DHCP reservations or MAC filtering is not
the way to go.
"Allan M. Grafil" <agrafil@hotmail.com> wrote in message
news:%23vv9tFljIHA.4940@TK2MSFTNGP02.phx.gbl...
| Quote: | Hi Guys,
Hope Im in the right group.
Im in a stage of fixing my network. This is my current setup.
1. I have an active directory server, which is mydomain.com, wherein
also my DNS and DHCP is located.
2. My subnet is 255.255.255.0
This is my idea.
1. Have these servers: (Need suggestions on these)
a. AD Server with DNS Server - is this a good practice?
b. DHCP Server with ISA Server - is this a good practice?
Other concern:
I want my network to have access limitations. Here is a scenario.
1. In our network, only managers can use their laptop to access our
network and internet. It can be wired or wireless. Unauthorized laptop
should or must not access our network. But from the way the network was
setup, they can access it through wire. I can filter the wireless using
MAC
Address filter from the routers. But if they connect through wire and
know
how to config TCP/IP they can easily access our network. Can this be
avoided through ISA? Is there a way to filter MAC Address through Active
Directory?
Hope you can help me on this.
Thanks in advance.
Allan
|
|
|
| Back to top |
|
|
Craig
Guest
|
| Posted: Tue Mar 25, 2008 12:38 pm Post subject: Re: Network Infrastructure |
|
|
When you say you do not want them to be on the network, what do you
mean? What is it you are trying to stop? anyone can plug the cable in
a change the IP address to match the network.
In article <uoT2v0ljIHA.3940@TK2MSFTNGP05.phx.gbl> "Bill
Grant"<not.available@online> wrote:
| Quote: | I would put the DHCP server with the DNS server on a DC, rather
than with ISA.
I don't think that ISA server is what you need here. It is
designed to control how your LAN machines access the Internet, not
what happens on the LAN.
You appear to be searching for a way to control unauthorised
access to your LAN, but none of the methods you suggest will do that.
DHCP is designed to make it easier for machines to get on to the
network, not make it harder. The users would not need to know how to
configure the tcp/ip settings. DHCP would do it for them. That is
what it is for!
There is no way to control this through Active Directory. DHCP is
a very simple minded process. The client machine broadcasts on the
LAN and the DHCP server replies with an offer. Active directory is
not involved. Trying to keep people off your network using DHCP
reservations or MAC filtering is not the way to go.
"Allan M. Grafil" <agrafil@hotmail.com> wrote in message
news:%23vv9tFljIHA.4940@TK2MSFTNGP02.phx.gbl...
Hi Guys,
Hope Im in the right group.
Im in a stage of fixing my network. This is my current setup.
1. I have an active directory server, which is mydomain.com,
wherein also my DNS and DHCP is located.
2. My subnet is 255.255.255.0
This is my idea.
1. Have these servers: (Need suggestions on these)
a. AD Server with DNS Server - is this a good practice?
b. DHCP Server with ISA Server - is this a good practice?
Other concern:
I want my network to have access limitations. Here is a scenario.
1. In our network, only managers can use their laptop to access
our network and internet. It can be wired or wireless. Unauthorized
laptop should or must not access our network. But from the way the
network was setup, they can access it through wire. I can filter
the wireless using MAC
Address filter from the routers. But if they connect through wire
and know
how to config TCP/IP they can easily access our network. Can this
be avoided through ISA? Is there a way to filter MAC Address
through Active Directory?
Hope you can help me on this.
Thanks in advance.
Allan
|
--
I'm trying a new usenet client for Mac, Nemo OS X.
You can download it at http://www.malcom-mac.com/nemo |
|
| Back to top |
|
|
|
|
