I did set-up an hotspot system to a quite large area and gave internet access to ~100 user. The system contains one RB750, a few antennas and a lot of switch.
The main problem is IP confilict. I’m giving real IPs to users with DHCP server from mikrotik but sometimes, users get IP Confilict error. I was though one or a few user(s) trying to connect ADSL modem or some type router with enabled DHCP server to their cable. So, i blocked every subnet IP from Hotpot > IP Bindings.
Problem solved for a few days and i count 84 active users yesterday but today, trouble is get back. I see very IP addresses in Hotspot > Hosts section that are not start with 192.x.x.x or 10.x.x.x ( Also there are many duplicated IP from DHCP pool in same table. )
Strangely problem solved automatically, after drop users and hosts a few times.
So, please help. I need to prevent happening this again.
Set the Hotspot interface to an ARP mode of “reply-only”, and set the “add-arp” option on the DHCP server to ‘yes’.
At that point you won’t be running dynamic ARP on the interface anymore, but the router will reply to ARP requests from clients. The router will only be able to talk to clients who have had their ARP mapping added to the ARP table by merit of having received a DHCP lease from the router.
That should take care of customers statically using IP addresses already allocated.
Since you’re using publics you also want to make sure that the Universal NAT feature of the Hotspot is turned off by ensuring that the address pool configured on the Hotspot server profile is set to ‘none’.
Could you tell me where can i find that Universal NAT feature thing ?
It happens again btw. Our tech department getting too much IP Conflict complains from our customers. Please look at the screen shot;
Red Mark 1 : Where those IPs come from ? I didn’t give them ?
Red Mark 2 : How can i see my gateway in hosts list ? Isn’t it strange ?
Active user number is going down just after change the arp settings on hotspot interface. Also the values on gateway and hotspot ethernet getting strange a bit. They are very close til change the arp settings;
you also want to make sure that the Universal NAT feature of the Hotspot is turned off by ensuring that the address pool configured on the Hotspot server profile is set to ‘none’.
Go to IP > Hotspot > Profile and edit the relevant profile, and set the address pool to ‘none’.
Those IPs are coming from whoever owns the MAC address listed for them. It’s impossible for me to be more detailed since I don’t know your network. But that MAC address - probably a router - is putting those IPs on your network. Investigate that router.
I don’t understand your other question. At this point it would probably be helpful if you posted a network diagram together with details of your configuration. Just a couple of screenshots aren’t enough to get to the root of the problem. Also restate what exactly you’re observing and why you think what you’re seeing isn’t right.
I normally would presume this is a typo, but considering the subject…
Did you notice the drawing shows an ip conflict between Building 3 (90.0.10.102) and Building 4 (90.0.10.102) ?
What are you using for the hotspot user database? Are you using RADIUS or the router’s hotspot user database? Do you assign specific ips from that database? What hotspot login-by method do you use?
I get a lot of non-localnet ips in “/ip hotspot host” in the “address” column. But the “to-address” is always my dhcp localnet ips.
EDIT: I use the universal nat. My system would have troubles if I didn’t. I get tourist customers that have static ips assigned to their computers. They would not get access without the universal nat feature. I see their static ips in the “address” column, but the hotspot universal nat translates that static ip to a localnet ip.
I see your post with the section of “/ip hotspot host” above. The “to-address” entries should all be in the localnet of the hotspot. Post “/ip hotspot” and “/ip pool”. And while you are at it, post “/ip dhcp-server” also. My dhcp server pool and hotspot pool are the same pool for that interface.
And the mac addresses in the “/ip hotspot host” list above are apparently the AP/radio/antenna mac addresses. Did you set a value for “addresses-per-mac” in “/ip hotspot profile”? Maybe the value was not high enough?
