hi...I have a problem in Mikrotik...as follows
my problem is when someone loged in and other one (hacker) uses the same mac address he got share the same bandwidth with him without needing to login..!! and if he disconnect the other also disconnect....
also the hacker get the same ip that of the normal user.
Welly I am not so proffecional so I don't know if this is a bug with MT or wrong setting....
1-Mikrotik RouterOS 2.9.27 is working as wireless router with hotspot.
2-I have users with log in through username and pss with locked account to user mac.
3-I am using user manger from the same MT and hotspot to generate randomly cards sold as prepiad cards.
4-I have internet cafes connected through same hotspot with at least 5 users each.
5- MAC log in is disabled, cookies are disabled ( I don't know if this affect)...
-------------------------
things that i think i can't change......
1-hotspot is set to allow 7 addresses per mac because i have some user profiles with 7 shared users thesse cafe's uses ap's to to conect to my MT.
2- I thinked about using encryption but this is very diffcuilt especially that users use 2.4Ghz pci cards and i don't know most of them because the buy my cards from other custemers and I can't share web key with them.
4- I have changed some setting to disable Mac scanners and port scanners... But this wan't do much for me because many of my users are dummies and always get there PC's to repairing workshops where some of workers gan get there MAC's..!!!
first I want to know if this is a bug or loss of setting...... What can I do to prevent same MAC's from login
Please Need help urgent

So no replay till now is there a problem with my post if so tell me to make it right!!!!!

Upgrade to the last stable version 3.1

Regards!

Welly is there a such a problem in all router OS versions before 3.1!!!!!!!!!!!?????

Hi ram, this limitation exist in all versions (2.8.x, 2.9.x and 3.x). Use pppoe.

... or enable cookies

OK I have tried and enabled cookies but don't work do u think there is another think in the firewall or the profiles I have set the profiles to open status page always..... any idea to test please.... because welly I think MT is great but this is a big problem to me....... may be there is somthing missing because i always try to test new rules for firewall and viruses

Nothing to do... enable MAC authentication and encrypt your network with WPA or WPA2...

Regards!

OK I want to know why this happen with Mikrotik theoritically as my littele info when some one login the browser get a cookie from MT and MT stores that cookie then when other one want to log with same MAC and IP the cookie does not exist in his browser so why he get login with authenitecate......
and even why DHCP assign an IP for more than one pc with same MAC ....!!! even though the hotspot host list and dhcp does not recognize that...... is this a BUG...
anyway I have conclude that welly there is problem in this subject with MT ...I hope I am wrong...
also why this subject get less disscuition from others ... am I the only one facing this problem....
about encrypition it is impossible to me to use it ..only thinking is there a way to use some kind of encryption that when user get connected get a key from MT when loged in get another key atomatically....!!!! just dreaming..
any way can you tell me another LINUX OS can be used as radius and hotspot with all specification of MT in the site I mean radius (user manager) and easy hotspot control like MT ...with the prevention of MultiMAC log in ....
any other type of authenticate ....
what about PPPoE is it suitable for wireless, is it easy to use from client site , can I use user manager with it... I haven't test it yet but I want to know if it does suit my case before doing hard work...
I know I am getting bother you with my questions ... but I have learned to ask more

It seems that noone wants to help or this problem can't be solved with open hotspot with Mikrotik. I only want to know why this happen and if I use another hotspot system this will happen... the only thing I make benefit from MT is hotspot and user manager... so I thing there is another software and free... like coovaaa and chilispot if any one knows any linux OS or software please help.

This is something not related to Mikrotik ..
What CPE wireless client mode you have ? I'm sure you are using AP station, so all subscribers connected to the same CPE are sharing the same MAC. Change it to or repeater mode if your CPE supports address4. (Sure I'm talking about P2MP scenario)
But you said, 2 users using the same identical IP on same network .. both should not be able to work at the same time, and conflict alerts should pop-up !

Sure, don't forget change the max. shared MAC to 1 again.

Regards

most of my users use PCI WAN ... and wt u mean by max share MAC there isn't any option like that......
I only want to know if this is bad config. my be some firewall rules i added recently or from bad DHCP config. or hotspot ip pool ... any idea would help and if that is certenly about bad config. I will mak a new installation of MT despite the headache of my network details...

Couple of Things...

You have someone spoofing someone else's mac, you need to find that. Thats first.
Second, yes, it issues the same IP, cause its the same MAC!
Third, you are on a VERY old revision of MT, newer features may help.
Authenticated MACS is one of these, therefore, the user can only have one MAC out there.

My best suggestion is to BLOCK this mac completely and see who surfaces i.e. companies that things are not working, bet one of them is not authorized.

wt u mean by max share MAC there isn't any option like that......

I meant the "Address Per Mac" option, you can find it in your hotspot settings.

Stop using illegal copies of MT!

its the same old song ... where the hacker is using net-cut to disable a connected user then logged in by cloning the user mac ... its not a MT issue , its related to the arp table ...

Hi, still the same problem?

I think it is something quit different what makes the problem.
I think that some of your internet cafes are using routers, then the same thing happens, if one pc is logged in all the others are logged in. Install switches and your problem is solved!

JWS

Hi, still the same problem?

I think it is something quit different what makes the problem.
I think that some of your internet cafes are using routers, then the same thing happens, if one pc is logged in all the others are logged in. Because it is the Routers Mac that is logged and not the one from the pc. Install switches and your problem is solved!

JWS

Stop using illegal copies of MT!

jwcn (don't know your name) I wonder how many times you've said this over the years.

What is "net-cut"? Is this a hacker tool or something that I need to watch out for?