Suppose I'm using an 8.1R box as a gateway (router/DHCP/NAT) handling connections from a private network to an uplink. Is there a simple toolkit I could use to implement layer 2 access control for that private subnet?
I want to provide two kinds of access:
1. For hosts we already know about (by a list of their MAC addresses), they get unrestricted access through the gateway;
2. For hosts we don't know, the only thing they can do is access a web server where the user can enter a password, which causes their MAC address to be added to the list of known hosts and thereby gain full network access.
Of course MACs can be spoofed, but the risk is low enough to ignore in this case.