Block Bad Guys With R2's Nifty New DHCP MAC Address Filtering Tool

Posted by bink on November 15 2009, 3:19 AM. Posted in Windows 2008 R2.

Basically, here's what R2's DHCP Server can do with MAC address filtering:

  • Either block any particular MAC address from getting an IP address, or allow any particular MAC address to get an IP address.
  • Arrange the question of gets blocked from and who gets allowed to have an IP address either as a whitelist (no one gets an IP address unless their MAC address is on the "allowed" list) or a blacklist (everyone gets an IP address unless their MAC address is on the "deny" list).
  • By default, DHCP runs as a blacklist with no IP addresses on the "deny" list.
  • R2's DHCP server lets you enter one or MAC addresses into its filters in several ways:
    • hand-enter the MAC address into the GUI (ugh)
    • hand-enter a range of MAC addresses using "*" as a wild card (better)
    • select a bunch of systems that already have a DHCP lease, right-click them and add them to either the allow or deny list with just a few mouse clicks (even better)
    • feed the DHCP server a text list of MAC addresses
    • use a new command-line tool to enter one or more MAC addresses


Continue: Mark Minasi Newsletter #82 The New DHCP Server in R2