From: Biggs, Jeff\(M/IRM/TSI:SRA\) (JBiggs@usaid.gov)
Date: Wed May 16 2007 - 15:33:08 ART
Say I have a switch with a vlan on it of 1.2.3.0/24 and the first 31
addresses are reserved for static assignment (say other network
equipment on that LAN). All other addresses in the range are useable
for DHCP addressing assignment. I want to block a person from plugging
into that LAN with a static address on their machine that violates the
reserved range. Other than say dot1x, what other means do I have at my
disposal? It would seem to me that ACL's would be a bit to late since
the host would already be on the LAN and the dup address alerts would
already be flowing.
Jeffrey Biggs
Sr. Network Engineer
M/CIO/BIE
CCNP, CCDA
240-646-5003
jbiggs@usaid.gov <mailto:jbiggs@usaid.gov>
This e-mail is intended for the addressee only. If you are not the
intended recipient, please be aware that the unauthorised use or
disclosure of the information it contains, or the unauthorised copying
or re-transmission of the e-mail are strictly prohibited. Such action
may result in legal proceedings. If the e-mail has been sent to you in
error, please accept our apologies, advise the sender as soon as
possible and then delete the message. Under the Freedom of Information
Act 2000 / Data Protection Act 1998, the contents of this e-mail,
whether it is marked confidential or otherwise, may be disclosed.
This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:21 ART