- #FILTER MAC ADDRESS MIKROTIK HOW TO#
- #FILTER MAC ADDRESS MIKROTIK MAC#
- #FILTER MAC ADDRESS MIKROTIK WINDOWS#
I think the controlled ARP entry solution is the best because it requires zero scripting and zero maintenance - it just works, and it forces users to get DHCP if they want to get on the Internet.
#FILTER MAC ADDRESS MIKROTIK MAC#
I notice that dhcp server has a "run this script whenever a lease is created" - you could make a bridge filter that drops all forwarding and input except for broadcast frames, and then make your script insert allow rules for each MAC address - however, if you have multiple switches (or use the hw switching of the 2011) this won't catch everything. With bridge filters, you can accomplish your goal but it would be pretty script-intensive.
Honestly, I'd say that hotspot will be much more trouble than it's worth for what your goal is - to stop users from hard-wiring their own IP addresses. With Hotspot, you could put some rules in the hs-unauth chain (which gets created automatically when you activate hotspot feature) that allow this type of traffic.
#FILTER MAC ADDRESS MIKROTIK WINDOWS#
Is there any other way in Mikrotik instead of using Layer2/Layer3 switch to restrict unauthorized users who enters ip address manually to get access to network.ġ) If i use Hotspot with MAC-Authentication how can i allow unauthenticated users to access Windows SMB Shares(NetBIOS) of other PC's & some websites without authentication.Ģ) I agree with both of your solutions, but isn't it possible through Bridge Firewall Filters this way i don't have to touch DHCP / Create Hotspot in my network, how can i make it easy by Bridge Filters
#FILTER MAC ADDRESS MIKROTIK HOW TO#
Is there any way where i can create whitemac id's list and create filter based on list if yes ? pl explain how to get it done.ģ.
I am using RB2011 (having 150 clients on network) Is it good method to create bridge filter rules and white-list only required MAC id's to pass through and drop all others.Ģ. I have created mikrotik bridge between 2 networks my DHCP server resides on other end, where we have reserved IP address based on MAC address, and not having any Layer2 / 3 switch in network, but i have seen many unauthorized users assigning IP address manually and getting access to network, it is also conflicting ip address on the network, so i thought MAC filtering using bridge may work, as i don't want to touch any gateway / dhcp configuration which not in my control, i have following queries based on above scenario.ġ. LAN PCs=Mikrotik-RB2011ui2hnd-RM ( Configured as bridge)=DHCP=Main-Router
0 kommentar(er)
