Allow users to internet for ARP list only

Ipv8 · February 20, 2014, 5:08pm

Hello all at first ! i recently had some difficulty’s with one problem in work.

There is computer classroom and then there is users who brought own laptops and plug in ethernet cables to get access to internet. How can allow only my computers to be able to connect to internet and dissalow others ?

My first attempt was to setup

ethernet Interface with ARP: [Reply Only]
in DHCP: Authoritative: [Yes] Bootp Support [ Static]
and
in DHCP i put Add ARP for Leases

Now this works only problem is it automatically Adds new connections from DHCP to ARP list and if i remove users with laptops from arp list they just replug cable and they are back 3. point ehhhh… ! but if i disable taht point [3. in DHCP Add ARP for Leases]
i lost connection for all computers in network they can’t access internet. I know there is some kind of error in my configuration so can you help me to find out suggestions ? Maybe there is other way how to prevent access to internet for users ?

Thank you guys/girls

bulkmania · February 21, 2014, 7:12am

put your interface in ARPȘ reply only (you did this)
delete all ip’s from pool
dhcp leases static (ip and mac)
do the same for arp

this did the trick for me in the same situation

Ipv8 · February 21, 2014, 1:17pm

Thanks for reply worked !! Yesterday i was so frustrated for this problem but now all good

Now works like a charm only class computers are able to connecto internet and new commers who connect cable are out of luck !

By the way anyone know how to bypass this ? in case i need to setup some more advanced settings ?
Lets say user change static IP and MAC identical to some computer from class will it work ?

xpkiller · March 10, 2014, 4:29pm

I need static ARP because PCI-DSS..
and I tried make static in /ip arp but I get this: “Couldn’t add New ARP - already have such arp (6)”
I have 6.5 and 6.7 os versions.
What could be the problem?