We currently use the MAC authorization for our Mikrotik AP’s and it works great. I have a new project for an apartment building which will be ethernet wired instead of wireless. I’m sure this can be done with Mikrotik like we do for the wireless interfaces? The access list will only let you select an interface for a Wireless Card or “All”.
DHCP RADIUS with reply-only arp, DHCP server adding address to arp table.
EDIT: Or a managed switch doing the same.
I want to authenticate them by MAC address, and also control their speed limit by MAC address. Is this possible?
Speed limit would be by the ip assigned to that MAC address, so basically, yes.
Unless I’m using DHCP, then I’m screwed because I would Limit their IP address speed, and when it goes to renew the IP changes…there’s got to be SOME way around this right? There’s not an option like there is on the wireless authentication access list? You can cap the MAC address there..
The DHCP server can pull info from a RADIUS server. IP Address, rate limits, lease time, or a dynamic ip address from a pool defined on the router itself.
http://wiki.mikrotik.com/wiki/DHCP_Server
It will do everything you want it to do. You could even set it so unknown MACs are put on a network that redirects to an account management page. Endless possibilities.