+ Post New Thread
Results 1 to 6 of 6
  1. #1
    Full Member level 5
    Points: 3,137, Level: 13
    elec-eng's Avatar
    Join Date
    Nov 2006
    Posts
    243
    Helped
    20 / 20
    Points
    3,137
    Level
    13

    block mac addressd using isa server

    i am a network adminstrator
    sometimes a user is downloading large files and taking all the traffic
    so other users complaint that they can not browse the internet because it is very slow

    i know how to cut internet for a specific user using his ip
    but if he repairs the connection his ip is changed

    so i want to cut internet using his mac address

    so how to make that

    •   AltAdvertisement

        
       

  2. #2
    Member level 1
    Points: 2,027, Level: 10

    Join Date
    Oct 2006
    Posts
    34
    Helped
    16 / 16
    Points
    2,027
    Level
    10

    block ip with mac address in isa 2004

    elec-eng,

    Have you tried blockig the users MAC via a firewall?

    I found the info below at h**p://www.isaserver.org/articles/blockbymac.html

    I hope this helps,

    mindrover

    ************************************************** ************************************************** ***********************************





    First of all let me clear that using only an ISA firewall, you cannot block users via MAC Address, as ISA is an enterprise level firewall and manages multiple Ethernet broadcast segments, which makes MAC address control relatively useless. How, single Ethernet broadcast domain networks may benefit from this feature.

    An alternate method to control source client address via MAC address is to use a device such as a managed switch, through which you can manage your switch via telnet or a web based management interface, that allows you to block IP addresses, ports, and MAC address.

    Of course, managed switches cost premium prices and have the potential for costing much more than an ISA firewall on a low powered Intel platform computer. A most cost effective solution can be achieved via using third party tools, such as Sygate Personal Firewall (SPF), which can be purchased from Sygate and delivered either on CD or downloaded from an Internet store.

    Download SPF, Run it's setup, and after completing its installation, it will prompt you to re-start your PC. Go ahead, but remember that after you restart the computer, it will block all traffic both inbound and outbound.

    OPENING SPF TO ALLOW ALL TRAFFIC

    Open SMC (Sygate Management Console), go to Tools/Advanced Rules, click on Add in Rule Description. Name it any name you like, such as Allow Rule.

    In the Action tab, select Allow This Traffic, then click on OK. (If you remember, after installing ISA Server 2000, you have to create an Allow Rule in the Protocol Rules section in order to open the ISA firewall for all traffic outbound, same theory is applied to SMC)

    Now you have opened your firewall for all traffic including the ISA firewall’s traffic. It will not further interrupt traffic through the ISA firewall.

    Now let's move on to how to block users via MAC address.

    There are two ways to block users: grant access to specific users only or deny access to specific users only.
    Granting Access to Specific Users Only

    If you want to allow specific users only, instead creating an allow rule for all users, create rules to allow access only for specific users. You have to create rules one by one for users (if you want to access control via MAC address), otherwise if you want to control them via IP address, then SPF has a variety of methods enabling you to control this.
    DENYING Access to SPECIFIC USERS ONLY

    In Advanced Rule Properties, add a new rule, In Description, enter your own description like BLOCK JOHN (IP=10.x.x.x)

    On the Action tab Select Block this traffic (it is always set to Block this traffic by default whenever you create any new rule).

    In the HOSTS section, Apply this rule to MAC address and then enter the MAC ADDRESS of the user you wanted to block. Select OK.

    Now you can see your newly created rule along with the ALLOW RULE you have previously created. REMEMBER! Always put ALLOW RULE at the bottom of the list. In SMC, rules process in TOP TO DOWN order, like if ALLOW RULE is at the top, it will ignore all block rule which are down below this rule, So always put ALLOW RULE at the last number so SMC will first process the Block rules then the ALLOW RULE.

    SPF (Syagte Personal Firewall) really helps me a lot in detecting intrusion attempts, flooding attacks, buffer overflow flow attacks, and others. SPF automatically blocks attacker's IP address for few minutes This and other options can be disabled/enabled or configured at the TOOLS/OPTIONS/SECURITY menu. You can configure many options to control user access to your server. You can block virus attacks from LAN users via adding a file like SVCHOST.EXE (which is commonly used by worms for flooding or RPC/DCOM buffer overflow attacks), then this application will not be able to seize ISA SERVER LAN adopter.

    Personal Note from Syed Jahanzaib

    At the end, I strongly recommend using licensed software, because if you are using it for commercial use and earning money from it, then you should pay for the software, as you are benefiting from the companies software development process.

    I also recommend these software companies to review their license policy for 3rd world countries. For example, Windows XP home edition cost around $200US at our local market and the pirate copy (which include EVERY SOFTWARE like Windows 2000 ,Windows XP and others) costs me 40 CENTS per CD. I earn under $200US in a month, Someone please tell me that how can I buy such expensive software if my earning is under 200 $ per month?

    Windows 2000 Server cost us $1000US and ISA Server 2000 cost us around $1500US. If I am running cyber cafe with around 6-8 PC’s and my monthly income is under $200US how can I purchase such expensive software? Should I stop using it because I don’t have money to buy and stop all my creativity and interest to learn new things?
    About Syed Jahanzaib

    Syed Jahanzaib has completed many courses including CCNA, A+, Linux. He has worked as a System Engineer in an ISP and currently has his own INTERNATIONAL CALL CENTER, cyber cafes and cable networks running on ISA Server. He has also done many installations and set ups of cyber cafes , cable networks, network designs. He enjoys praticipating in forums like ISAserver.org, computing.net to provide tech support to people.
    Receive all the latest articles by email!

    Get all articles delivered directly to your mailbox as and when they are released on ISAserver.org! Choose between receiving instant updates with the Real-Time Article Update, or a monthly summary with the Monthly Article Update. Sign up to the ISAserver.org Monthly Newsletter, written by ISA expert Dr. Tom Shinder, containing news, the hottest tips, ISA links of the month and much more. Subscribe today and don't miss a thin



    •   AltAdvertisement

        
       

  3. #3
    Full Member level 5
    Points: 3,842, Level: 14

    Join Date
    Sep 2005
    Location
    Malaysia
    Posts
    309
    Helped
    35 / 35
    Points
    3,842
    Level
    14

    will we block mac address in isa server

    How the users access internet? If going through proxy, I think we can block at proxy, right?

    Routers should be able to block MAC address, right?



    •   AltAdvertisement

        
       

  4. #4
    Member level 5
    Points: 2,295, Level: 11
    Abo Saker's Avatar
    Join Date
    Feb 2005
    Location
    Islamic Land
    Posts
    84
    Helped
    25 / 25
    Points
    2,295
    Level
    11

    other options after blocking ip and mac address

    yes..of course you can block him at proxy...

    I don't think Routers can block MAC address...it can block IP...but you can reserve certain MAC to static IP then block that IP.

    Regards,



  5. #5
    Member level 3
    Points: 1,829, Level: 9

    Join Date
    Sep 2004
    Posts
    67
    Helped
    4 / 4
    Points
    1,829
    Level
    9

    block users via mac address for isa server 2000

    hi guys
    cann't we block it using pix firewall such as 515e or so?

    Regards

    TheSniper (+)



    •   AltAdvertisement

        
       

  6. #6
    Member level 5
    Points: 2,295, Level: 11
    Abo Saker's Avatar
    Join Date
    Feb 2005
    Location
    Islamic Land
    Posts
    84
    Helped
    25 / 25
    Points
    2,295
    Level
    11

    block user via mac address

    yes you can......because it's firewall....just creat a rule to block it.



--[[ ]]--