Costumer running The Dude: can see whole network

RouterOS The Dude
1

Hi!

I don’t know if that’s the right section, forgive me if I’m wrong :slight_smile:

I’m sorry if this question may look dumb for you all, but a costumer of mine just downloaded “The Dude” and simply run it on his system et voilà, he let the software scan and now he can see my whole network (APs, Bridges in WDS mode, etc.).

The funny thing is that my AP has “Default Forward” disabled and my backhaul is on a different network than costumer’s CPE :neutral_face:

He can also see other costumer’s shared folders! Is there any way to prevent that?

I don’t know if this may help, but I’m using PPPoE to assign costumers an address, and all costumers are on the same network :neutral_face:

Thank you,

2

Need firewall rules.

3

Thank you very much for your fast repy, but, could you be more specific?

Do I need to block something particular?

Do I need to put those rules on my AP or on my PPPoE server?

4

There are plenty of standardised rules out there, and firewalls. get something from the wiki etc. apply to all routers.

Dennis Burgess
http://www.mikoritkconsulting.com

5

allow needed ports, drop everything else. drop everything directed to your routers (input chain) that is not coming from approved IP addresses.

read this to see what other people are doing:
http://wiki.mikrotik.com/wiki/Securing_New_RouterOs_Router

just to get some ideas