Hey Bryan again,
Is there a way to deny all connections, unless the physical address is assigned an IP in the DHCP reserve list?
\
Basically, deny any unlisted MAC from connecting
I have taken the time to create a basic network layout.
Note: We have a paid internet connection, dedicated for our Soldiers; Consisting of ~118 users that pay.
The Objective:
Using DHCP Reservations exclude everyone and allow only reserved MAC addresses to receive an IP address.
This can be done with Microsoft's DHCP Manager by creating a scope, excluding all, and adding reservations for your customer's MAC addresses. However I have yet to find a decent reference, help file, or tutorial on how to do this with RouterOS. I could layout a static ARP table but the main goal is make it seamless for the user.
The Reason:
We have Soldiers that do not pay for this service and do not want the Soldiers that pay to have to suffer because of the "leechers" that obtain internet without paying for the service.
Thanks!
Have you tried implementing a DHCP server with all addresses in the range it serves having been added to bindings to MAC addresses? It should have the same effect and only give out DHCP to clients that have had a lease reserved via MAC address.
You could then additionally use a relatively new feature in 4.x that adds IP addresses to an address-list for the duration of the DHCP lease and automatically removes them afterwards, and use firewall rules to block all traffic in the forward chain for packets not from or to that address list.
Hey Thanks Fewi,
I will look into that, I have not tried that so I will. I as well look forward to using that feature; Thanks for the help!