I’m having an issue with hotspot with several clients that show up multiple times on the hosts page with different ip addresses corresponding to the same mac address. I do mac authentication as well as https authentication, also I give real ip addresses to authenticated clients however clients who are authenticated sometimes get the login page and it shows that they are logged in with one particular ip address but not authenticated with another source ip address. Often times there will be many ip addresses shown. I have limited to number of ips per mac to 3 however this only reduces the amount of entries shown in the hosts table.
See attached example below:
Due to this the client occasionally is seeing the login page when browsing and its a very big inconvenience for the users. Is there a firewall rule that I’m missing that i need to enter to stop this behavior? Im using version 5.21, however I have this happening using 5.22 as well.
A little further info,
Each Client has a router that is directly connected to the hotspot network, On further investigation, it seems that in most of the cases im seeing the internal address of the clients computer on the recieving end of traffic coming from outside.
Any idea why the hotspot would be detecting traffic from the internal machine even though NAT rules are in place to masquerade traffic going to the hotspot?
Hi,
The client is possibly running something like VMWare Workstation. where a single machine has a single NIC and is bridging his VM’s with the NIC on the host, they could have given each VM a static IP which is what you are seeing?
The hotspot uses Dynamic Address translation, so even is the client is on the wrong range it will still work. which is why you see from address and to address.
Hope this helps