Hi !
I am currently using IPv4, and manually binding an IP to a MAC address using "arp <<IP>> <<MAC>> ARPA". The purpose is to limit access for users - if a new user wants access to my network, he has to give me his MAC and i will assign an IP for him. Unused IPs have a manual entry with a fake MAC.
Now I'm trying IPv6, and I can obtain a similar feature using the static NDP feature. However, is there a simple way to negate access to all other IPv6 ?
Example: User X wants an IPv6. He gives me his MAC, I create a static entry. User Y just goes ahead and assigns himself an IPv6, and he will get access to the network.
Any way to block this ? In short, I want to block all IPv6 addresses from accessing the network, and allow just the ones that I create static entries for.
Thanks in advance !
No comments:
Post a Comment