Hey Everyone,
Can someone explain how to use the RouterOS to stop customer’s mis-configured routers from addressing our clients?
I think there is a way to do this… but I am unsure of how to enable this feature.
Adam
by giving each customer their own L2 network.
Is the L2 network a configuration with the VLAN command?
Can you please go into more depth on this issue?
Adam
Is the L2 network a configuration with the VLAN command?
Can you please go into more depth on this issue?
Adam
Not without you telling me more about the network and how it all hooks together.
I have the A.P. configured as dumb bridges.
Clients on the Wlan side, and the network on the Ethernet side of the RB532.
Clients are addressed in the 10.0.10.xxx/16 range. Bridges are addressed in the 10.0.18.X/16 range.
I am managing each client by the Wlan device = bandwidth management, etc. all gets done here.
I have been considering configuring the RB532 to address the clients as they pop up; hoping to make the address location scheme much quicker for people when they need to re-associate for radio or router re-boot.
Let me know what else you need to know…
Adam
then i guess you can use bridge filters and default-forwarding=no to control the traffic…
default forwarding allows the wireless clients to communicate with each other.
turn it off.
Dear Rob,
That’s it?? OK…
I will start to run through the nodes turning that off to each client. Wonderful!!
Adam
Stopping the radio from forwarding packets is only half the problem, the AP has to be told to block that kind of traffic also. In your firewall “forwarding” tables, you’d want a rule that blocked any packet that ingressed via a wireless port and that tried to egress via a wireless port. After all, the AP is a router.