IIS7 Restrict website access by MAC address?

Question

Is it possible to restrict access to a website in IIS7 using MAC address rather than IP address?

We are wanting to restrict access to our website to only known PCs as mentioned here: link text. These PCs will be external to our network, but because some users could be remote, we would rather do this on MAC address rather than IP address.

II7, Windows Server 2008, asp.net

Thankyou in advance

Richard

Answer 1

The ISAPI extensions will not provide access to network layer information from the client end. This information has to be polled directly from the other end. Also MAC address is extremely unreliable as it can be spoofed more easily than an IP address can be.

Answer 2

You can't restrict access by MAC address because MAC address is using only in local network to communicate devices and behind any router information about ARP table can't be recognited.

Answer 3

It's not possible. You'd have to have some kind of application installed on the client machine such as an ActiveX control to get that information.

Perhaps you should consider having the website setup like an intranet and setup a VPN for the remote viewers. Look at Logmein's Hamachi. It's a super simple VPN setup and free to try.

Answer 4

That is a bad idea because MAC addresses can easily be spoofed. If you need authentication from multiple unknown locations you should use passwords or certificates.

And of course, as mentioned in another answer, over the Internet the MAC adress is not visible, it would only be possible inside your own network.