0

I want to restrict the access into my server on MAC Address base over internet... does it possible??? or there any other way of restriction over internet instead of IP address possible??

(My users are connection into my adito base ssl vpn server and i want to give them access on base of MAC address or any other possible method not by there IP address...because they are on roaming Internet IP.

thanking you, sahil.

1 Answers1

2

It is not possible to do mac address filtration over the Internet. MAC address is Ethernet address and remote point doesn't receive client's MAC address. I think the best way here - give every user separate username/password to your application, and change permissions based on it.

Dmitry Trukhanov
  • 378
  • 1
  • 6
  • thanx buddy, i already have configured username/password for access...but beyond this i also want extra security for client restriction like Mac address base or any other method –  Mar 29 '10 at 06:48
  • Then you can try to implement more complex algorithms for your VPN connection – Dmitry Trukhanov Mar 29 '10 at 06:53
  • 1
    If you want to identify the clients apart from their username and password, think about using client side certificates. – joschi Mar 29 '10 at 06:54
  • 1
    I agree with @joschi -- client certs with password-wrapped private keys approaches 2-factor security -- something you have (the cert's private key) and something you know (the password to decrypt it). – Spiff Mar 29 '10 at 06:59
  • great buddy, any more info how i can install and use client side certificates ?? –  Mar 29 '10 at 07:39