802.1x - Port Based Network Access Control

Posted: Wed Jun 30, 2004 2:51 pm
by Ingus
Feature request.

We are registering ip to mac address at

/IP FIREWALL RULE FORWARD
src-address=x.x.x.x/32 src-mac-address=xx:xx:xx:xx:xx:xx

Queueing traffic

/QUEUE SIMPLE
target-address=x.x.x.x/32 max-limit=yyyyy/zzzzz

And all of this is being done to the ethernet traffic.

All information about our clients is stored in a MySQL db
CLIENT NAME
IP ADDRESS
MAC ADDRESS
MAX SPEED

RouterOS can access it through Radius

Q When will RouterOS support
802.1x - Port Based Network Access Control
to the ethernet traffic - or is there another possibility to do
mac registering and shaping automatically ???


We do have huge problems with this because we have to
control more than 1000 customers with just one router.

Ingus.
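
The workflow described in the post above can be scripted from the client table. This is an added example, not part of the original thread and not MikroTik code: the sample rows are constructed, the `render` function is hypothetical, and the `add` keyword after each menu path is an assumption (the post shows only the menu paths and parameters). It validates each record and refuses duplicate IP or MAC bindings before emitting one firewall rule and one queue per client.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")
SPEED_RE = re.compile(r"^\d+/\d+$")  # the yyyyy/zzzzz form used in the post

# Constructed sample rows standing in for the MySQL client table:
# (CLIENT NAME, IP ADDRESS, MAC ADDRESS, MAX SPEED)
SAMPLE_CLIENTS = [
    ("alice", "10.0.0.10", "00:0C:42:00:00:01", "128000/512000"),
    ("bob",   "10.0.0.11", "00:0c:42:00:00:02", "64000/256000"),
    ("carol", "10.0.0.10", "00:0C:42:00:00:03", "64000/256000"),  # IP reused
    ("dave",  "10.0.0.12", "00:0C:42:00:00:02", "64000/256000"),  # MAC reused
    ("erin",  "10.0.0.13", "000C42000005",      "64000/256000"),  # bad MAC
]

def render(clients):
    """Return (commands, rejected) for a list of client rows."""
    commands, rejected = [], []
    seen_ip, seen_mac = {}, {}
    for name, ip, mac, speed in clients:
        try:
            addr = str(ipaddress.IPv4Address(ip))
        except ValueError:
            rejected.append((name, "invalid IP address"))
            continue
        if not MAC_RE.match(mac):
            rejected.append((name, "invalid MAC address"))
            continue
        if not SPEED_RE.match(speed):
            rejected.append((name, "invalid max speed"))
            continue
        mac = mac.upper()  # compare MACs case-insensitively
        if addr in seen_ip:
            rejected.append((name, f"IP already bound to {seen_ip[addr]}"))
            continue
        if mac in seen_mac:
            rejected.append((name, f"MAC already bound to {seen_mac[mac]}"))
            continue
        seen_ip[addr], seen_mac[mac] = name, name
        commands.append(f"/ip firewall rule forward add "
                        f"src-address={addr}/32 src-mac-address={mac}")
        commands.append(f"/queue simple add "
                        f"target-address={addr}/32 max-limit={speed}")
    return commands, rejected

if __name__ == "__main__":
    cmds, bad = render(SAMPLE_CLIENTS)
    print("\n".join(cmds))
    for name, reason in bad:
        print(f"# skipped {name}: {reason}")
```
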

Posted: Wed Jun 30, 2004 3:23 pm
by tully
There is PPTP -- if user is not directly on the Layer 2. There is PPPoE for those that are Layer 2.

John

~1000 PPTP or PPPoE lessons ???

Posted: Wed Jun 30, 2004 4:22 pm
by Ingus
I'm not sure that this is the correct solution.

Well, not many ISPs force users to connect through PPTP or PPPoE.

There should be some other solution for our problem.

Ingus

802.1x is implemented by the access device

Posted: Thu Jul 08, 2004 12:07 am
by mihai
802.1x is implemented by the access device, not the router.
You should use switches or APs with 802.1x capabilities; these will only allow authenticated clients to activate the (layer 2) link. Most enterprise grade networking gear can do this.
Any real ISP will control the customer at the network access level, either in the access hardware (usually Docsis cable modem using digital certificates) or logically at the Access Concentrator (using ppp encapsulation, like pppoe or pptp).
In certain circumstances MAC-based authorisation can be used (like in hot-spot) but there are some drawbacks too.