Is it possible to have some sort of DHCP MAC address filter? Lets say someone connects a laptop to the network and the MAC address isn't in a allowed mac address list. So the DHCP server won't hand out an IP. I've been searching for an easy solution for this and not just in Cisco IOS. Microsoft has a "calloutdll" extension but i could never get it to work. So I'd like to try it with IOS. Like i said, I'd like to block a "rogue" MAC address unless it is in a allowed list. Port security is an option but we have a very large network (up to 800 devices).