Hi,
does anybody know if/how it is possible to:
1. authorize MAC address of the connected computer based on RADIUS reply and then assign port to specific VLAN?
2. detect DHCP snooping on specific port and take an action based on that (ie disable port)
thanks in advance
Ser@fin
CRS questions about MAC authorization and DHCP spoofing
Last edited by serafin on Tue Jun 05, 2018 12:37 am, edited 1 time in total.
Re: CRS questions about MAC authorization and DHCP snooping
after some investigation:
re 2:
still no success for DHCP snooping configuration but two options to address issues with malicious DHCP server in L2 segment:
- Protocol Level Isolation described here: https://wiki.mikrotik.com/wiki/Manual:C ... _Isolation
- DHCP server alerting described here: https://wiki.mikrotik.com/wiki/Manual:I ... ver#Alerts
Ser@fin
re 2:
still no success for DHCP snooping configuration but two options to address issues with malicious DHCP server in L2 segment:
- Protocol Level Isolation described here: https://wiki.mikrotik.com/wiki/Manual:C ... _Isolation
- DHCP server alerting described here: https://wiki.mikrotik.com/wiki/Manual:I ... ver#Alerts
Ser@fin