Portability it is essential preregistration for any IT company to allow their employee to move hassle free without limiting them wire network limitation, WI-FI Access point is the perfect solution in order to achieve the portability. But when you go WI-FI you can secure your network using wifi security but what if this key will become public ?
Well Its normal to have this situation in company, there is no way to identify the this situation. I would like you to show you how you outcomes from all those leakage of your network.
You can achieve the below security level using pfSense
- Identify the device and release DHCP Lease
- You can restrict static IP connections
- Do not allow any device if you don’t know MAC address
You just need to follow below steps to configure and apply the settings.
- Activate the DHCP on local network
- Activate “Deny unknown clients” on DHCP to allow lease to know clients
- Enable Static ARP entries to stop unwanted static connections
Step 1: Activate DHCP connection
Step 2: Activate “Deny unknown clients”
Activate the option Deny unknown clients, this will activate security layer and issue a dhcp lease to the listed client on the server only.
Now, you dhcp server will issue a lease to the client which you want, and also they will get the same IP which is configured by you. still we need to do a last configure which will completely block all static IP communication.
Step 3: Activate static ARP entries
Finally, block all communication by static ip client if they try to connection using static IP. don’t worry if some one try to connect using static IP they can connect but not be able to connect to any host with in network or to access internet is far away for that client. Even you can not have a problem like conflict of IP address which is very normal on windows network.
Try it your self, if you would like to use in production. It is really a great utm solution and of course open source. Download the latest installation iso from official website and enjoy your secure network.
- DHCP Binding only to one interface card (johndelizo.wordpress.com)
- Help with DHCP – Multiple Subnets (daniweb.com)
- DHCP Server Logs (reddingitpro.com)
- How to set up and use network locations in OS X (reviews.cnet.com)