limit user connection

yaikun94 · January 25, 2016, 3:47am

I have RB951G with 1 wan (eth01) and dhcp server (eth02 - eth05) with address 10.0.0.1-10.0.0.254
I want to config so that only 40 users can connect to the internet. the other user still received ip from dhcp server but can’t connect to the internet.
Thanks in advance and sorry for my bad english

jarda · January 25, 2016, 5:59am

40 listed individuals or randomly selected first 40?

yaikun94 · January 25, 2016, 8:55am

randomly selected first 40

jarda · January 25, 2016, 7:30pm

Set two dhcp pools, one with 40 addresses, second with the rest. Set short lease time (10-20s). Use firewall rules to enable the first pool and disable the scond pool internet access. Should be working.

yaikun94 · January 26, 2016, 2:31am

Tks but if one of the 40 users left. That leaves 1 empty spot in the first dhcp pool right ? that means the other user from 2nd dhcp pool will have to reconect to receive ip from first dhcp pool right ??

jarda · January 26, 2016, 4:52am

No. It is not like queue for stepping forward. When one leaves the first pool, the newly connected client gets the released ip address. So whoever connects at the right time when ip is free, gets it. In practical it still keeps the random approach with lease time as parameter you can tweak to see the real behaviour.

yaikun94 · January 26, 2016, 6:18am

Thanks. Btw can u help me with your config i’m still new to this.

that means 2 dhcp in 2 different bridge right?

can u show me how. Thanks

bajodel · January 27, 2016, 4:31am

No, two pools (ip ranges) in the same dhcp (as jarda wrote).

Firewall rules are simple, allow internet from “40-ip-pool” (use an address list) and block the rest.

yaikun94 · January 27, 2016, 6:53am

Kay i understand the firewall rules but i still don’t know how to add 2 pools in the same dhcp. Can u be more specific please. I created 2 pool, the first one has 40 ip and the other has the rest. How can i add two of them in the same dhcp ???
Sorry for my bad english

jarda · January 27, 2016, 2:50pm

Just open the first pool and set the second to be continued in it…

In other words, set pool2 as “next pool” of pool1. In dhcp server set only pool1. The pool2 should be used automatically when pool1 is exhausted.

yaikun94 · January 28, 2016, 1:49am

Thanks a lot bajodel and jarda for helping me solved this problem

jarda · January 28, 2016, 6:51am

With pleasure. Please share with us how it works and what is the practical experience.

yaikun94 · January 28, 2016, 8:23am

Still don’t know yet, but i thinks it will worked fine.
Btw is my firewall rules correct ??
Firstly, I added 2 address list 10.0.0.2-10.0.0.42 and 10.0.0.42-10.0.0.254
then i created rules in firewall filter > advanced: address list(first 40 ip) > out interface: eth01 >action: accept
(all the ip left) > eth01 > drop
Thanks in advance and sorry for my bad english.

jarda · January 28, 2016, 8:41am

You can try by fix ip assignment to testing device…

yaikun94 · January 29, 2016, 4:25am

it 's worked perfectly guys =]]]. First 40 ip can connect to the internet but the rest of the ip can’t. The firewall rules are same as above. Tks for the help guys

jarda · January 29, 2016, 6:58am

Your welcome. Enjoy it.

prawira · January 29, 2016, 9:26am

Please keep in mind that RB951G is shipped with L4 license, so only 20 users of hotspot can online on the same time; unless you buy the additional L5 license and load it into your RB951G.

Paul

jarda · January 29, 2016, 9:36am

There is no relation to hotspot in this topic.

yaikun94 · February 16, 2016, 9:38am

eh only 20 users at the same time ? But i checked it on this website and it says 200 users ???
http://wiki.mikrotik.com/wiki/Manual:License