Hello everyone, the question maybe is trivial but I’m fighting from three days and still nothing:
CONFIGURATION:
On Mikrotik CCR1036-12G-4S-EM Ethernet interfaces joined in BRIDGE. These interfaces are connected to the AP (not all directly) some fiber by media converters 500m away.
LAN has planned for some 1000 active users, who through WIFI by AP (roaming) connect to the Internet (SSID + password). The network has a DHCP server.
PROBLEM:
The password for the WIFI was spread on the users, and the network also connect to an unwanted person.
QUESTION:
I have a the white of MAC addresses that are “authorized” to connect to the Internet
How to implement this list, that only they could use the internet?
There are a couple of solutions that might work in your case, but here is one that you might want to try first. The firewall can block access via the MAC address. In the Bridge settings, you will need to select “Use IP Firewall.” Then you can go into the firewall and create rules in the forward chain with the “white listed” MACs. The action will be accept. After those rules, the last rule will be a “drop rule” where you are dropping everything else in the forward chain. If you have 1000 uses, this could be a little time consuming, but if you already those macs somewhere you can use a spreadsheet to create the rules. It might be easier to just change the password for the wifi from time to time.