Community discussions

MUM Europe 2020
 
miooodek
just joined
Topic Author
Posts: 5
Joined: Thu Apr 05, 2012 11:41 pm

DHCP only

Sat May 19, 2012 11:05 pm

Hi all,

I want to secure server in my network, all host gets static IP from DHCP server in mikrotik.

I have 3 access points with WPA passphaze that knows also everybody now, and my idea is to force clients to get ip from dhcp only.
Than I would write some firewall scripts for the range IP's that aren't static from DHCP, and block them access to my server.

My question is, how to setup, enforcement for getting them IP only from dhcp, that if they assign maualy IP the connection will not be estblished.

Thanks in regards
Mike
 
dison4linux
just joined
Posts: 18
Joined: Fri Apr 13, 2012 4:26 pm

Re: DHCP only

Sun May 20, 2012 5:32 am

I'm not sure exactly what you're asking is possible and/or wise. Even if you did set DHCP reservations for all of the hosts on your network, there's no reason someone couldn't accidentally pick a static IP that is within the range that your firewall allows.

If all or most of your hosts are wireless, what I would do instead is use a combination of the "Connect List" under "Wireless Tables" and setting default-authentication=no in the interface. That would mean that only MACs configured in the "Connect List" would be allowed to connect. Any other MACs seen would not be permitted to connect.
 
taduikis
Member
Member
Posts: 423
Joined: Sat Jul 07, 2007 12:09 pm

Re: DHCP only

Sun May 20, 2012 10:31 am

Just set your dhcp server up, make a static ip-mac binding list in leases table and set reply-only to the dynamic ARP on dhcp iface. Make sure you have "add ARP for leases" checked in dhcp server setup.

The same thing was also originaly discussed in this thread:
http://forum.mikrotik.com/viewtopic.php?f=9&t=43502
 
miooodek
just joined
Topic Author
Posts: 5
Joined: Thu Apr 05, 2012 11:41 pm

Re: DHCP only

Tue May 22, 2012 12:03 am

Thank you both! taduikis solution suits me the best

Who is online

Users browsing this forum: No registered users and 33 guests