Community discussions

MikroTik App
 
the_time
newbie
Topic Author
Posts: 28
Joined: Sun Sep 26, 2004 5:14 pm

Firewall after a bridge

Thu Dec 02, 2004 6:49 pm

Hi evrybody I have a question
I have an Mikrotik router and after it has a wireless bridge the reason I am asking is the clients that I have conected probably some of them has viruses that works on port 445 I have blocked this port using firewall rule forward but stil I can see activity betwen clients that brings the router down have any body an like this experience or I way to get this problem out.
 
jarosoup
Long time Member
Long time Member
Posts: 600
Joined: Sun Aug 22, 2004 9:02 am

Thu Dec 02, 2004 9:56 pm

Do yourself and the rest of the Internet a favor and block the infected clients completely from the internet until they clean their machine(s). Seriously. Your network will be virus free at least for awhile.
 
User avatar
dwright
Member Candidate
Member Candidate
Posts: 158
Joined: Fri May 28, 2004 1:10 pm
Location: Mchenry, Il

Sat Dec 04, 2004 4:46 am

Could you explain your setup a little more in detail?

Are you saying that you have router behind a wireless bridge, or that you have a mikrotik router set up as a wireless bridge/AP.

Please be more specific so that we can help.

Thanks,

Dan
 
the_time
newbie
Topic Author
Posts: 28
Joined: Sun Sep 26, 2004 5:14 pm

Sat Dec 04, 2004 10:49 pm

I'll tyr to explain my confguration I've got a Mikrotik which is conceted with cisco aironet on mikrotik ap thats not importnt then this router is a hotspot gateway after it is a ap bridge which is conected through ethernet at last times we are having too many problems with atacks(ddos) and viruses, in router I have blocked certain ports that are used by the virus so they don't get out but betwen clients the virus is still active and this brings the router down and all clinets show ip conflict even we use dhcp we are so tired with these problems and my question is does exicsts any way stop this or not ?!
Thanks very much in reply
the_time
 
User avatar
dwright
Member Candidate
Member Candidate
Posts: 158
Joined: Fri May 28, 2004 1:10 pm
Location: Mchenry, Il

Sat Dec 04, 2004 11:03 pm

You need to disable client to client communication. I am still not clear which of your devices is acting as the ap. If it is the mikrotik, under the wireless device that is acting as the ap, there is a setting called default forward. You need to disable that. If you are using a different device to act as the AP, Look in its setting. Look for a setting called client to client, or interclient, or something along those lines. If it doesn't have that feature, then you need to get an AP that does.

Dan
 
jarosoup
Long time Member
Long time Member
Posts: 600
Joined: Sun Aug 22, 2004 9:02 am

Sun Dec 05, 2004 12:23 am

Even if you block this traffic at your router, it will still flood everything between the clients and the router (your APs in particular). You can only do so much. As I said before, the only way to resolve this completely is to take these people off your network until they clean their machines!
 
the_time
newbie
Topic Author
Posts: 28
Joined: Sun Sep 26, 2004 5:14 pm

Sun Dec 05, 2004 12:38 am

the device that act as a ap is not mikrotik and even when we detect and block the client until they clean the computer we practicing this stragtegy for months but again having trouble.
Again thanks.
 
User avatar
Alessio Garavano
Member
Member
Posts: 304
Joined: Sat May 29, 2004 12:49 am
Location: Corrientes, Argentina
Contact:

Tue Dec 07, 2004 11:49 pm

I have a Cisco Bridge 350 too, and this have the feature PSPF, which is to not permit interclient connection... Enable this feature and your problem may be a remember.... Sorry my bad english.. Regards
Alessio
Alessio Garavano
http://www.isparg.com.ar

Who is online

Users browsing this forum: 8577, aysan, BillyVan, bpwl, poduck and 87 guests