I have a Question

i have a DHCP Server 2008 and unknown person came in my Network and he connect his personal LAP TOP with my network switch he got Auto IP from my DHCP it is possible i restricted this permission my DHCP server not Provide IP any unknown person's PC.

DHCP does not natively have a filter to decide who can or cannot get an IP address.

I have a couple possible suggestions for you:

1. Implement NAP. DHCP NAP enforcement was designed to help make sure that all clients on your network meet certain "health" requirements, but you might be able to tweak it in a way to help make sure that only known clients are on your network.

2. You could implement RADIUS and use a NPS server in Windows server 2008 to help control who has access to your network. Again, this was originally designed to help control against uwanted remote or wireless access, but could be used on a LAN as well.

You are going to have to use a little creativity to solve this one.

Ed

Thank you sir Ed

My personal suggestion is put in a firewall such as a sonicwall or watchguard.

And how would one configure such product to meet the requirements requested above?

My personal suggestion is put in a firewall such as a sonicwall or watchguard.

Well if you are using a SonicWall you would want to basically follow these steps:

1) Make address objects (Network > Address Object)
2) Make Services Objects (Firewall > Services)
3) Firewall rule (If public address) (Firewall > Access Rules)

By making a firewall rule you can specify a policy that will restrict someone who is not using your IP scheme. Go on their site and play with their demos