Using DHCP to hand out IP address in 2 different networks segments 1

[Theon]

Is there a way to configure windows DHCP server to hand out ip addresses in 2 different scopes to correct clients?
I have a group of pc's that do not have internet access, but to only one site, I need to configure the dhcp server to give these pc's a different network so they do nto have full intenet access.

 

[ShackDaddy]

Are the two groups of users in separate subnets? If so, then you simply create a separate scope for each subnet, and that's it.

If the users are in the same subnet, you can't create two scopes with addresses in the same subnet. If you really want to limit those users, you should create a separate VLAN and put them on it, and put another adapter on your server that functions in that VLAN. That way you can have a separate address space. You'd also want to bind an extra IP address on the internal NIC of your router and trunk the switch port that goes to the router.

Another non-DHCP-based approach is to deploy a bad proxy address to those clients using a Group Policy. Create a security group that includes all the computers that you want locked down and apply the policy to it. Make an exception in the proxy rule for the one site that you want them to be able to access. That way every outbound web connection will route to a bad address except for the sites that you want them to be able to access. That's how I've limited access to some of my client systems.

ShackDaddy
Shackelford Consulting