hi everyone,
we are using mikrotik 2.9.46 as bridge + access point.
actually we have logts of customers in many different buildings.
normally on each building we have a zinwell/ovislink/alpha radio as wireless client routing and doing NAT.
the problem is: as the radios are doing NAT we don’t have ways to block customers who do not pay 
unfortunately there is not possible to disable the NAT on all of our radios and have routed networks because some of the equipments we are using don’t have this option. they can only be used as bridge or router with NAT enabled.
does anyone have an opinion about what would be the best configuration to our environment?
thanks in advance
gabriel lauter
I’m assuming that the client radios in the various builds are connected to a switch that then fans out to each customer in the building that has signed up for service. Either start using managed switches so you can remotely disable specific ethernet ports with clients haven’t paid, or send out a tech and have him unplug the cable going to that client. If you have to send a tech, the cost of his visit to disconnect and later reconnect becomes a “reconnection fee” on top of the regular bill, if they eventually decide to pay and get reconnected.
Make sure the gear is in a wiring closet that the building occupants do NOT have a key to.
thanks for your answer UniKyrn!
it think that maybe I’ll not have enough funds to replace all our switches with managed switches, but the idea about having an activation fee is really interesting. in fact actually we have this manual procedure to block the service for clients who do not pay.
do you (or anyone else) have an idea about how could we have this kind of control remotely? bcause would be very interesting if our system could block users automatically when they keep more than two months with no payment.
thanks again!
gabriel
Yes, managed switches can be a bit expensive, you might check out surplus sites for older models that have been discontinued and are available cheaper. Without buying new equipment, I can’t think of any way to remotely deal with problem customers. The NAT server at their end does a pretty good job of blocking any method of separating traffic by customer so that it could be managed by customer.
You might consider using a MT as the client side unit, if that costs less than buying managed switches. At least then you could remotely access it and block customers by MAC address, since you’d be able to see traffic from them before the NAT happened.