Hi, just need your help about this things.. im really not an expert for mikrotik but was able to look on things on the internet to do setting up hotspot.
i just wanna find out about it… i noticed devices are connected to my hotspot without any vouchers not tagged as Authorized or ‘AH’ but weird is they are connected for a long time…i couldnt get the reason why would they be connected for hours to it without internet.
the range of IP i set up for my hotspot is 10.10.0.0/24, its assigned to the poe port which is Ether5, the ether4 and ether5 are setup for pc with IP range 192.168.30.0/24 and 192.168.10.0/24 respectively. its really weird for 192.168. 1.4 address to be assigned to one of the devices connected to the hotspot. i might be wrong also because theres another IP there which is “to address” just correct me im wrong. also ever since i noticed this devices are connected to the hotspot for a long time. I put them to IP binging and blocked them. i have tested this on my mobile and id didnt allow me to get the internet connection though im connected to the hotspot. that mac address which has a unknown IP…was already on the list of the IP binding which are blocked and yet its was able to get connected with a different address. please educate me about this things since im really not a expert.
also if you can help me on how or what to do and how to find out if im being hacked.
CPE’s can connect without having userpass to a walled garden. It’s not you been hacked. It can be - but then you need to check if the users are using your net. Take a packet dump or somethig like that, and check the users traffic.
what is the difference beween the ‘address’ and the ‘to address’ anyway…which is the real ip address of the device… i dont understand why that 192.168.1.x would appear there if mikrotik is programmed to only use 10.10.0.X..not any of my ports are using 192.168.1.X, not even my WAN. all other device if you check the picture show they have the same ‘address’ and ‘to address’ but only this one..actually this isnt the first.. ive seen once also last time..but i was not able to print screen it..
This is the Universal Client NAT or a 1 to 1 NAT intended to allow devices that have a static IP set to still be able to connect to your hotspot. If you set the address-pool=none in IP>HotSpot then this will not happen.
Sorry but i found it, you already stated it there.saw it addrss -pool in ip>hotspot..ivr changed it to none.just need to monitor it now…hopefully everything will be ok.
Also, the devices that are connected to the hotspot, but not authorized are normal. There are a lot of devices that will attempt to connect to any open WiFi automatically. I know here, a lot of trucks have a gps tracking system that will report home via open WiFi. Phones and other devices can do the same.
Yeah i do agree, apperently the weird ip addressig did not work..worst i used this mobile phone and its using 3 diffrent address at the same time… And 2 of the address are out of the range i set up
See the mac ending with 7E.75?? Thats my mobile
Also there are so many connected device that are not tagged as H, AH, AD, D or any. Can anyone please help me what are these things
My apologies my computer just crashed on me..have to fix first before i can do that…shickz..all of a sudden , now my paranonia is getting worst… Any way im using mobile to access webfig apparently when i try to open terminal its not allowing me to type anything coz the keypad is not appearing… Gosh.
I was able clean up most of the mess using my mobile , but my pc i still down. I resolve the issue where there are so many untagged connection (no H, D,AH…) And those who are connected for hours to the wifi bu no login or AH… Well on default the idle time out is setup..but its having issues because it disconnects my clients and it becoming an intermittent to their end ao i remove the idle time out but it caused the issue mess above so i put it back and set it up to a conaiderable time like 30 mins idle (i think thats good enough)..then it clean out all those on the list above.. (though im not sure if it really disconnected them from the hotspot or the router juat hide them on my display). Iim also not certain if that is the reason those out range ip address are coiming out. Another one the one mac address with multiple ip addresses. Nonetheles im still monitoring it and i only have 4 people connect 1 tagged as AH which is me, 3 H which is 1 is my ap and the other 2 are users.
Iim back apparwntly the 1 mac with muktiple address is still happening..that is the ip is weird like the range i set up is 10.10.0.0/24 and yet ther devicea able to get an address 100.x.x.x.
Ive lost hope on my computer im not gonna be able to fix it i gueas so im uaing my mobile phone.
Btw is there a way for me to block the access the gui webfig and userman and only me … Though they have user anme and pass . Im afraid theyd be able to hack it
