I have a gateway with a few clients.
It's compulsory that the clients can not spoof their LAN IP's.
What's the most simple authentication mechanism for LAN's? Encryption is not necessary (but ok) and MITM in LAN is also not possible.
I simply want to ensure that once a client has been compromised he can not pretend to have another IP.