[c-nsp] Restricting VPN connections to company hardware?
mark [at] edgewire
mark at edgewire.sg
Fri Nov 6 02:19:18 EST 2009
There's no way of stopping a determined user that wants to bypass
whatever filters or red tape you have in place really but if you're
able to restrict most of the users, would you say no to it? There's
not a single solution to deploy where people can't find a way to use
another device, at least not that I know of. Maybe you could shed some
light on it instead of just pointing out that the MAC address can be
spoofed and would you expect your average run of the mill user know
how to spoof MAC addresses?
On 06-Nov-2009, at 3:12 PM, Peter Rathlev wrote:
> On Fri, 2009-11-06 at 11:10 +0800, mark [at] edgewire wrote:
>> Why is it not possible to check it against the MAC address of the
>> connecting device? Log incoming connections and their MAC address and
>> match it against a list of hardware that has been assigned to the
>> users.
>
> Please state how you expect this not to be spoofed. :-)
>
> --
> Peter
>
>
More information about the cisco-nsp
mailing list