I understand the complexities of using NAC or the perils of trying to enforce IP use without utilizing AD or the like.
Could it be possible that there be an option in Untangle to only allow traffic if it matches the DHCP lease table - dynamic or static reservation? Having it compare both MAC & IP of course.
That way, no matter what, if a user tries to statically assign their IP, it won't work, even if they set it within the lease range?
This also negates the need to implement complex NAC or AD solutions where all you're trying to do is prevent people from bypass quota. It also limits the ability for users to attempt to bypass certain priorities/bypasses which would be assigned to specific IP addresses.
Even a bandwidth control/application control/firewall rule option where "IP/MAC [is/is not] is in DHCP table" or something would be handy for other uses.
Could it be possible that there be an option in Untangle to only allow traffic if it matches the DHCP lease table - dynamic or static reservation? Having it compare both MAC & IP of course.
That way, no matter what, if a user tries to statically assign their IP, it won't work, even if they set it within the lease range?
This also negates the need to implement complex NAC or AD solutions where all you're trying to do is prevent people from bypass quota. It also limits the ability for users to attempt to bypass certain priorities/bypasses which would be assigned to specific IP addresses.
Even a bandwidth control/application control/firewall rule option where "IP/MAC [is/is not] is in DHCP table" or something would be handy for other uses.