Hello,
I previously had another Mikrotik version 6 that I asked in another viewtopic.php?t=205954 and it worked for my other Mikrotik device.
Recently I have purchase another MT device which version is 7.8 (stable).
I use this like this:
My ADSL modem --> a LAN cable from modem goes into MT device --> The MT device creates a wireless AP.
All of devices in the house connect to MT.
I'm going to restrict some specific mac addresses to connect to this MT AP.
I tried to do like MT 6 but it doesn't have any authenticate or such things to enable.
I also tried to do Wireless --> Access List, like MT6, but it doesn't work and still all devices are able to connect (to test this, I only add my laptop's mac address).
Do you please help me how can I limit and restrict some mac addresses as a white list to allow to connect?
Re: How to limit mac addresses to connect to Mikrotik 7.8
Only give the SSID password to those that need it for any particular Subnet WLAN
Re: How to limit mac addresses to connect to Mikrotik 7.8
Thanks, that was done before. But I'm curious if I can restrict and whitelist.Only give the SSID password to those that need it for any particular Subnet WLAN
Suppose both my phone and laptop are connected and both have the password. Now I want to whitelist my laptop's mac address and block all others.
Is that possible? In MT6 it was possible, but I couldn't find any way for it in MT7.
Re: How to limit mac addresses to connect to Mikrotik 7.8
You can do that by only manually assigning DHCP leases I thought. Make use of ARP list etc.
Re: How to limit mac addresses to connect to Mikrotik 7.8
Thanks, but then I think I should go to networks settings of each connected device and assign a manual IP. Am I right?You can do that by only manually assigning DHCP leases I thought. Make use of ARP list etc.
If yes, then I think it won't work for me because I'm not always home, and I connect to my office WiFi too.
Re: How to limit mac addresses to connect to Mikrotik 7.8
I still have not find a way to do this.
Any updates for this thread?
Any updates for this thread?
Re: How to limit mac addresses to connect to Mikrotik 7.8
if you want to let only "known devices" connect (via known MAC) and that MAC is in your access list you might have to disable "default authenticate" for your wifi interface.
Re: How to limit mac addresses to connect to Mikrotik 7.8
I do not have such option in Wi-Fi interface.if you want to let only "known devices" connect (via known MAC) and that MAC is in your access list you might have to disable "default authenticate" for your wifi interface.
I had this option in MT version 6, but I cannot find it in MT version 7.
Re: How to limit mac addresses to connect to Mikrotik 7.8
I also do not have this command:
I read this https://wiki.mikrotik.com/wiki/Manual:I ... ccess_List.[admin@MikroTik] > /interface wireless
bad command name wireless (line 1 column 12)
Re: How to limit mac addresses to connect to Mikrotik 7.8
First , Upgrade the device to 7.12 and then to 7.15. works much better than 7.8
To solve your problem
1.) Create in Wifi Access list entries for each and every devices you want allow access (you can use also interface lists)
2.) at the end of the Access List, create one entry that rejects access to all Mac adresses
The Access list is parsed from top to bottom, so devices found get access, devices not found will get bumped off by the last rule.
It is same principle as Mikrotik firewall...
To solve your problem
1.) Create in Wifi Access list entries for each and every devices you want allow access (you can use also interface lists)
2.) at the end of the Access List, create one entry that rejects access to all Mac adresses
The Access list is parsed from top to bottom, so devices found get access, devices not found will get bumped off by the last rule.
It is same principle as Mikrotik firewall...
Re: How to limit mac addresses to connect to Mikrotik 7.8
I did the 1 and 2 before, but I'm not sure why it didn't work.First , Upgrade the device to 7.12 and then to 7.15. works much better than 7.8
To solve your problem
1.) Create in Wifi Access list entries for each and every devices you want allow access (you can use also interface lists)
2.) at the end of the Access List, create one entry that rejects access to all Mac adresses
The Access list is parsed from top to bottom, so devices found get access, devices not found will get bumped off by the last rule.
It is same principle as Mikrotik firewall...
Re: How to limit mac addresses to connect to Mikrotik 7.8 [SOLVED]
sorry, this is available on the "older" wireless settings. you may have the newer "Wifi" interface.I do not have such option in Wi-Fi interface.if you want to let only "known devices" connect (via known MAC) and that MAC is in your access list you might have to disable "default authenticate" for your wifi interface.
I had this option in MT version 6, but I cannot find it in MT version 7.
maybe this might help:
Code: Select all
/interface wifi access-list
add action=accept disabled=no mac-address=aa:aa:bb:bb:cc:cc
add action=accept disabled=no mac-address=dd:dd:ee:ee:ff:ff
add action=accept disabled=no mac-address=11:11:22:22:33:33
add action=reject disabled=no
you also got a lot more options to fine-tune stuff but in general the above should suffice
for the detailed options 2 might come in handy
1. a mask where you could allow/deny a certain vendor (OUI database lookup for details)
2. more detailed interface information (if you have multiple SSIDs specify desired SSID interface here)
You do not have the required permissions to view the files attached to this post.
Re: How to limit mac addresses to connect to Mikrotik 7.8
Thanks a lot, it worked and now my laptop is only connected, and my mobile phone is being rejected.sorry, this is available on the "older" wireless settings. you may have the newer "Wifi" interface.
I do not have such option in Wi-Fi interface.
I had this option in MT version 6, but I cannot find it in MT version 7.
maybe this might help:
MACs obviously generic/fake (apply your MAC addresses which you'd like to be allowed to connect and the last rule is a "reject" rule to deny any unknown clientsCode: Select all/interface wifi access-list add action=accept disabled=no mac-address=aa:aa:bb:bb:cc:cc add action=accept disabled=no mac-address=dd:dd:ee:ee:ff:ff add action=accept disabled=no mac-address=11:11:22:22:33:33 add action=reject disabled=no
you also got a lot more options to fine-tune stuff but in general the above should suffice
for the detailed options 2 might come in handy
1. a mask where you could allow/deny a certain vendor (OUI database lookup for details)
2. more detailed interface information (if you have multiple SSIDs specify desired SSID interface here)
24-05-2024.png
Regarding fake mac address, I'm aware of that. I have some devices that have two options: private mac address and public mac address.
For the private mac address, they generate a new mac address when connecting to a new unknown Wi-Fi.
I think I did it before, but probably I didn't do it correct, or even I didn't do it at all.
Anyways, thanks a lot my friend, it helped me.
Re: How to limit mac addresses to connect to Mikrotik 7.8
yep, i know of the private-mac funcions on new mobile OS versions.Thanks a lot, it worked and now my laptop is only connected, and my mobile phone is being rejected.
Regarding fake mac address, I'm aware of that. I have some devices that have two options: private mac address and public mac address.
For the private mac address, they generate a new mac address when connecting to a new unknown Wi-Fi.
I think I did it before, but probably I didn't do it correct, or even I didn't do it at all.
Anyways, thanks a lot my friend, it helped me.
glad it helped.
mark it as [SOLVED] then