Page 1 of 1
User set himself router's IP (not MT router, the other one)
Posted: Wed May 24, 2006 11:15 pm
by kapusta_kiszona
User is setting himself wrong IP - another user one or router.
If he use main router IP, then all network is stopped for several minutes.
How to prevent it? On which INTERFACE I HAVE TO ADD STATIC IP?
It's third time I'm asking the same. No answer yet.
Yes, I read manual
Posted: Thu May 25, 2006 3:40 am
by sten
Do a proper network design.
Posted: Thu May 25, 2006 10:49 am
by kapusta_kiszona
Still waiting for your definition of "proper network".
Share it with us.
Posted: Thu May 25, 2006 1:24 pm
by Equis
I think he may mean route not bridge.
So
AP (You control)
Station/Router (You control)
Customer (customer control)
This means customer can set any IP and will only affect him
Posted: Thu May 25, 2006 3:01 pm
by kapusta_kiszona
Him and everyone on this router.
Posted: Thu May 25, 2006 10:14 pm
by sten
not router but interface, but yeah
so one interface pr customer and your set.
Posted: Thu May 25, 2006 11:11 pm
by jarosoup
Or just block all addresses except the ones they should be using on the inside (private, LAN, etc) port.
Posted: Fri May 26, 2006 12:55 am
by sten
Or just block all addresses except the ones they should be using on the inside (private, LAN, etc) port.
It would block the offender from reaching the internet but not from stealing the ip. The person who's IP that is will definitly find it unreasonable.
What if the offender uses his regualar ip for surfing and the stolen ip for his fileserver... He would still reach it
Posted: Fri May 26, 2006 3:11 am
by jarosoup
I think I misunderstood the post then.
Static ARP entries should solve this, if you want to account for all of your customer's MAC addresses...or even PPPOE.
How is it that your customer keeps changing his IP address? This should only need to be done once when first installed?! What about DHCP?
Posted: Fri May 26, 2006 6:36 am
by UniKyrn
How is it that your customer keeps changing his IP address?
And why is he still a customer after the first time you catch him screwing with your network ...
Posted: Fri May 26, 2006 10:05 am
by kapusta_kiszona
Because DSL competition haven't such problems.
Posted: Fri May 26, 2006 10:06 am
by normis
so what? this person breaks your network. disconnect him
Posted: Fri May 26, 2006 1:30 pm
by sten
Because DSL competition haven't such problems.
Because their equipment form point-to-point connections.
Many choose to connect the ADSL via PPPoA and the edge equipment will copy the PPP payload of the PPPoA packets into L2TP tunnels into core router.
Posted: Fri May 26, 2006 4:15 pm
by Lukasz
I use statis ARP, and work's...
When client configure a wrong IP, then never connect to router...
(Kapusta
przypisz w (ARP) - MAC'ki do IP na stale i wtedy bedzie gralo)(the same but in our language)
Posted: Fri May 26, 2006 9:00 pm
by kapusta_kiszona
I'm doing it on my main gate (linuks). I don't know to which interface make static arp on Mikrotik. And it's not enough, I have to set arp reply only but dont know where and what are the new problems with this settings.