DHCP with RADIUS MAC Authentication

Frank Bulk - iName.com frnkblk at iname.com
Fri Nov 27 19:16:35 UTC 2009

DHCP is not an authentication mechanism, as the MAC address can easily be
spoofed.  But if you're looking to hand out addresses to just those with
certain MAC addresses (as presented, unverified, to your DHCP server), you
can use no "host" statements along with a "deny unknown".


-----Original Message-----
From: dhcp-users-bounces at lists.isc.org
[mailto:dhcp-users-bounces at lists.isc.org] On Behalf Of Julien TURELLO
Sent: Thursday, November 26, 2009 8:18 AM
To: dhcp-users at lists.isc.org
Subject: DHCP with RADIUS MAC Authentication


We are an ISP providing access on many technologies (WiFi, Wimax, xDSL,

In most cases we use PPPoE servers, but we have recently migrated some of
our networks on an ISC DHCP server.

Everything works great but I have to authenticate each CPE by MAC Address (I
already have a RADIUS server working well) before offering a lease.

I don't find any radius client for RedHat, CentOs or Fedora which could be
able to do that...

Is there any way to make this working?



dhcp-users mailing list
dhcp-users at lists.isc.org

More information about the dhcp-users mailing list