DHCP + Radius

Randall C Grimshaw rgrimsha at syr.edu
Mon Apr 14 15:45:07 UTC 2008

There is not a secure version of DHCP that prompts users for their
credentials and then offers a lease based on authentication process.
DHCP offers little more than configuration guidance for your users.

You can research "Network Access Control" (NAC) to see what is available
in the market. If you need to move your security to layer 2 you could
consider VLAN steering using MACauth against your Radius server. I am
not certain if this is supported on your PPPoE endpoint.

A little more detail about your objectives might result in better


-----Original Message-----
From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
Behalf Of Jamie Orzechowski
Sent: Monday, April 14, 2008 10:49 AM
To: dhcp-users at isc.org
Subject: DHCP + Radius


I am new to the list and have a few questions. 

We are an ISP that currently authenticates via PPPoE using radius.  Very

simple for accounting of usage and authenticating users.

We are going to be moving new services to DHCP.  I am looking for advice

on using ISC DHCP with Radius?

Is this possible?

I want the DHCP server to send MAC address requests to my radius which 
then says yes/no and the customer either get a lease or does not. 

Will ISC DHCP support this via some patches or is there a commercial 
DHCP required for this?

Any other options to get this done?

More information about the dhcp-users mailing list