----- "Marko Vojinovic" vvmarko@gmail.com escreveu:

Does anyone know about some free (as in beer, and maybe as in speech) software which would implement authentication and authorization of a user prior to issuing a valid dhcp lease?

I imagine the following scenario: someone walks into my office building with a laptop (a colleague, a visitor, a guest, whoever), and hooks up onto the local net (wired or wireless). The server detects an unknown MAC address, issues a bogus dhcp lease which resolves all dns queries to a single internal web page with a form the user is supposed to fill in and send. After he does so, an administrator does a sanity check of the data the user provided, and grants or denies access. If access is granted, the user gets a new, unrestricted dhcp lease, which provides him with a normal access to local network.

The goal is to have a database which relates IP or MAC addresses to people names, so I can track a person down efficiently if he brings an infected/spamming machine into the building.

I would know how to build this infrastructure manually, but it's a lot of work, and I don't want to reinvent the wheel. Google somehow failed to help, or I failed to provide the right keywords. :-(

After reading this thread I think you can try PacketFence (www.packetfence.org) and there are some others less powerfull ones on the wikipedia under the NAC topic: http://en.wikipedia.org/wiki/Network_Access_Control

Antonio.