Community discussions

MikroTik App
  4. Other topics
  5. The User Manager

Firewall & Proxy by Profile

Post Reply
 
neilt6
just joined
Topic Author
Posts: 1
Joined: Sun Aug 21, 2011 10:21 pm

Firewall & Proxy by Profile

Sun Aug 21, 2011 10:43 pm

Hello! I was recently given a RouterBOARD 433AH, two Ubiquiti XR2 cards, and a pair of 14dBi panels for a new Hotspot for my church by my employer, but I have not been able to definitively determine whether what I want to do is possible with User Manager. Here is my plan so far:

I would like to set up one network for staff and one for the general public. The staff network is just a simple bridge consisting of wlan1 and ether2 (Uplink to main gigabit switch) NAT masqueraded to ether1 (WAN). The public network consists of wlan2 configured as a Mikrotik HotSpot using User Manager on a different network (192.168.1.0/24) and firewalled off from the staff network (192.168.0.0/24). That's the easy part, now I would like to apply different firewall and proxy rules to the users in User Manager based on their User Profile. I would like to set it up as follows:

Free Profile
----------
-All ports blocked expect 80, 81, and 443
-Transparent proxy for keyword filtering

Premium Profile
--------------
-All ports open
-Transparent proxy for keyword filtering

Unlimited Profile
--------------
-All ports open
-No transparent proxy

I'm also using those profiles for rate and credit time limitations, but I haven't listed those as I've figured them out. Ideally there will be one free account with up to 254 shared users for which only a password will be needed, the username will be passed with the login link. Premium and Unlimited accounts will require signup and payment through PayPal. I've more or less figured this all out except per-profile firewall chains and proxies. I was able to find the following options on the HotSpot User AAA page, but it's written for V2.9 and I can't figure out if it applies to User Manager profiles or just the Mikrotik HotSpot:

outgoing-filter (name) - name of the firewall chain applied to outgoing packets to the users of this profile
transparent-proxy (yes | no; default: yes) - whether to use transparent HTTP proxy for the authorized users of this profile

http://www.mikrotik.com/testdocs/ros/2. ... otspot.php
Top
 
User avatar
Bongo
newbie
Posts: 37
Joined: Thu Aug 11, 2011 4:28 am

Re: Firewall & Proxy by Profile

Tue Aug 23, 2011 12:03 am

easy just setup basic network settings for you & dsl on lan1
setup hotspot or pppoe for the rest thats it
if you stil want to set usage limits just add it by

if you dont no how just ask will direct you step by step :D
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 14 guests
  4. Other topics
  5. The User Manager