Security Problem :(

cibernet · Thu Apr 14, 2005 7:04 am

Hi, i have RouterOS 2.8.26, we are a small ISP, and have a problem with security, i have set up a DHCP server with static leases for the clients, but if someone put an IP from mi local net, he can connect with internet and.. without traffic shapping... i need a way to add some security that only permited IP and MAC address can connect with Internet...

Sorry my bad English...

THANKS!!

djape · Thu Apr 14, 2005 12:05 pm

Use static ARP, bound IP address to mac-address for each user, than turn on ARP=reply-only on your ap-bridge interface.
This means that only users that have exact mac an ip address can use your network.

Cheers...

kallocom · Thu Apr 14, 2005 2:27 pm

good idea, but doesn't work behind some Ethernet Converters... how about PPPOE?

cibernet · Thu Apr 14, 2005 4:27 pm

Hi, any other way to do it? before nobody was allowed to pass through the router, but now... anyone can, i dont know what could it be..

jarosoup · Fri Apr 15, 2005 5:25 am

Not really a security fix, but more of a way to hinder - How about set a catch-all bandwidth queue for any addresses not accounted for...and set it to 1Kb or something extremely slow. Idealy, maybe get radius going or use the hotspot feature if pppoe isn't an option.

Security Problem :(

Security Problem :(

Who is online