Can someone please tell me how do i assign a ip address to a node that just connected to my AP? I dont want to use dhcp. Im thinking of running a free wifi for gaming and so on. But when the people connect to the ap then they must first conect me so that i can give them a ip address.
How do i exactly do that.
What is the steps to do that. Can someone tell me what to do next. I know i should log into winbox but what next? Must i remove the ip range 192.168.8.0/24 from the wlan interface?
Even tho you may not want to use DHCP, if you want to issue an IP address without using static assignments, DHCP is the way.
/ip dhcp-server setup
There are several options with DHCP also. Static assignments, RADIUS, etc.
My radius is not working correctly, it shows that the radius server is not responding. i found the problem and it is becos the router reject the packets.
thanx
I don’t use RADIUS with DHCP, just the standard setup. I was just mentioning that you CAN! DHCP is an automated version of issuing IP addresses. For your application, it sounds like just what you want. DHCP issues an IP without question, and away they go. Is there something you are leaving out? Like some type of security to keep everyone within range from using your internet connection?
If i can allow only one user to use the internet then that would help. i want to allow anyone to connect to the AP but only one spesific mac can use the internet, all the other can only use file sharing etc.
Do you know how?
And if i can monitor each person that connects to see how much data they transfer (almost like qeue).
i wonder if there is a script that can add a qeue for the new user and then save the statistics before removing it again after 24hours of inactivity.
Yes, there is a way. I use this in several instances when I want employees of my host properties to connect without having to pay for access through the hotspot.
The way I use is set the dhcp lease to static. This means every time that specific mac address requests a ip address, the dhcp server issues the same ip.
/ip dhcp-server lease
make-static X
where X is the line number of the lease.
Then use the firewall filter to let that single ip access the internet, and drop the rest.
If you need help, let me know. We can go through it a step at a time.
Thank you i have set it up tht way and it is working.
Hi what i did was is that i have add his ip 192.168.8.3 to the source address in the natting rule. So only 192.168.8.3 is allowed to use the maquerade rule to gain access to the internet.
Wil that work surferTim or is there a security risk? I dont want anybody that makes his ip 192.168.8.3 to use my internet.
Hope to hear from you soon
I have not tried that way, but I do not see a problem with it.
It there a way to only allow mac xx:xx:xx:xx:xx:xx to use the masquerade rule? If so then i can add his mac and only that mac can gain access.
Yes, in an indirect way. Use the make-static assignment with your dhcp server like I described above. Then that mac, and only that mac, will always get that same ip. Then use the masquerade rule.
Just consider that MAC addresses can be spoofed with little effort. If that is not an issue, your good to go 
Jimbo
what will you recommend? What is the best option i have
I use the make-static and bypass those ips through my hotspot without trouble. There is a possibility that someone would figure it out, but it requires someone with above-ordinary skills that has nothing better to do with his/her time.
I did a test last nite. I connect with my laptop wirelessly to the AP and made my ip static, i put it the same digits as DCHP will give the static lease user. I was not able to go onto the intentet.
On my second test i disconnected the user that had the dhcp lease. I refreshed my connection and was still unable to go onto the internet.
My tests show that both computers will have the same ip, the one ip is a dhcp lease and the other manually put in. But only the one with the static dhcp lease will have access to the internet. When i did my test i did not get any ip conflict errors.
You did make the dhcp lease static, and didn’t assign the ip in the computer (not a static ip, but a static lease). The dhcp server will do that for you. When the computer requests an ip, the dhcp server will issue it.
If you are looking test the security, that is not how a hacker will get access. He will set his mac address to the lease mac, and request an ip. It will issue the same ip to that interface also, considering the computer with the real mac address is not online.