Page 1 of 1
help !! how to protect end-users from each others on network
Posted: Tue Mar 02, 2010 9:21 pm
by doctor
hi .. there is an annoying problem .. when a single client has a virus or some kind of a network problem ethernet or whatever it affects the whole network of 300+ users !!!
high latencies are observed , wireless links are badly affected ( timeouts and high delays ) .. Another thing if a loop happens how to prevent it from affecting network ..???? please i need answers
Re: help !! how to protect end-users from each others on network
Posted: Tue Mar 02, 2010 10:00 pm
by roadracer96
Drop SMB and RPC ports. More drastic would be to disable forwarding in the AP, but that would make it so 2 business locations couldnt tunnel a vpn to each other. More information on the infrastructure would be helpful.
Re: help !! how to protect end-users from each others on network
Posted: Wed Mar 03, 2010 2:29 am
by dog
There are too few information about your network.
I guess you are using a completely flat L2 network?
That would be a no-go for 300 users!
Do your users connect via CPEs or directly via their computers?
In first case just use pppoe and most of your problems will be gone...
Re: help !! how to protect end-users from each others on network
Posted: Wed Mar 03, 2010 3:53 am
by doctor
thnx for ur interest .. but no i can't use pppoe . my ISP provided me with ips each for an end-user and all of my clients are on the same network . I use the mikrotik just to let ips passthrough it inorder to make static the mac-addreses and observe the queues not more .. But when any small problem accurs the whole network is affected !! what can i do ?
Re: help !! how to protect end-users from each others on network
Posted: Thu Mar 04, 2010 2:34 am
by roadracer96
Are you saying you are running a /23 broadcast network in wireless?
Wow.
Re: help !! how to protect end-users from each others on network
Posted: Tue Mar 09, 2010 3:45 am
by doctor
plzz can anyone here answer me how to prevent clients on same network to affect each others :s
Re: help !! how to protect end-users from each others on network
Posted: Tue Mar 09, 2010 5:34 am
by mahnet
does /23 network affect broadcast.
i do not hav much idea of subneting but my isp has given me a server with 2 ethernet cards. LAN 1 with public ip and LAN 2 with lan ip 10.10.1.1. My Mikrotik is connected to LaN 2. Customers connect thru CPE CLIENTS to my mikrotik and their PC have IP 10.10.1.2 & 10.10.1.3 and so on. Some user give subnet as 255.0.0.0 and some give 255.255.255.0. The gateway is 10.10.1.1 and DNS is 10.10.1.1. Both type users still connect and access internet. I am facing similar latency issues. I have tried several firewall rules dropping several IP's. Sometimes nothing seems to help. I am apprehending broadcast and virus issue but i do not know how to prevent.
Re: help !! how to protect end-users from each others on net
Posted: Sat Apr 17, 2010 12:14 am
by DjStraw
ideas?, I have the same problem on my network.
Thanks