I’m thinking of migrating my network to PPPoE, assigning IPs automatically (from a pool of IPs, not fixed). Today I block a customer with some firewall rules on the gateway (IP addressing is fixed today), redirecting all HTTP requests to a page warning about the reason for the block.
With PPPoE, using random IP addresses, how can I do it? Is there a RADIUS attribute to MARK (on the firewall) the user connection?
With PPPoE you can still give your users static IPs.
t3rm, thx for the reply,
I know this feature, but this way I’ll have to create static firewall rules. I’d like to create rules dynamically.
Something like this:
“change radius attribute and user traffic go to block chain on the firewall”
I found the Filter-ID attribute, but it does not work for me, because the traffic goes through the filter chain, and I need it to go through the dstnat chain/nat table (I need to do DNAT on HTTP requests).
I have to suspect that if they can’t log in to your network, they’ll call and you can tell them the reason they’re blocked that way.
If you let them on your network, I’d recommend that you at least assign them an IP that you don’t route to the Internet. Then route all traffic from that IP network to your webserver using port forwarding at the AP.
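The approach in the last reply, sketched as an added example that is not part of the original thread. It assumes a MikroTik RouterOS PPPoE server authenticating against RADIUS (the thread does not name the platform); the pool name, the 10.99.0.0/24 range and the 192.0.2.x addresses are constructed placeholders.

```routeros
# Assumptions (not from the thread): RouterOS PPPoE server with RADIUS auth.
# 10.99.0.0/24 is a constructed range that is never routed or NATed upstream.
# 192.0.2.10 is a placeholder for the web server hosting the block notice.
# 192.0.2.53 is a placeholder for the operator's own DNS resolver.

# Pool handed to suspended subscribers. RADIUS selects it by returning
#   Framed-Pool = "blocked-pool"
# in the Access-Accept for that user. Active users get no such attribute
# and receive an address from the pool set in their PPP profile.
/ip pool add name=blocked-pool ranges=10.99.0.2-10.99.0.254

# Rewrite every HTTP request from the blocked range to the notice server.
# One static rule covers all suspended users, whatever address they draw.
/ip firewall nat add chain=dstnat src-address=10.99.0.0/24 protocol=tcp \
    dst-port=80 action=dst-nat to-addresses=192.0.2.10 to-ports=80 \
    comment="blocked users: HTTP to notice page"

# Let blocked users resolve names, but only through the operator's resolver,
# so the browser can get as far as sending the HTTP request.
/ip firewall filter add chain=forward src-address=10.99.0.0/24 \
    dst-address=192.0.2.53 protocol=udp dst-port=53 action=accept \
    comment="blocked users: DNS to own resolver only"

# Drop everything else from the blocked range. The forward chain runs after
# dstnat, so redirected HTTP already carries the notice server as destination.
/ip firewall filter add chain=forward src-address=10.99.0.0/24 \
    dst-address=!192.0.2.10 action=drop \
    comment="blocked users: no other forwarding"
```

A subscriber only moves into or out of the blocked pool at the next PPPoE authentication, so the session has to reconnect after the RADIUS reply is changed.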