Community discussions

MikroTik App
  4. RouterOS
  5. General

Help with Port security SOS  [SOLVED]

Post Reply
 
kapvcop
newbie
Topic Author
Posts: 33
Joined: Sat Oct 20, 2018 4:29 pm

Help with Port security SOS

Thu Jan 14, 2021 9:41 pm

Hello, I have a hAP ac Lite routeboard, and I want to know if it is possible to configure port security, that is, if someone disconnects a computer and places another, the port is blocked for security, is it possible to do this on these computers? Thank you very much
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Help with Port security SOS  [SOLVED]

Thu Jan 14, 2021 10:17 pm

Yes and no - 802.1x is supported like on every Mikrotik device with bridge functionality, but you need an external radius server for the 802.1x authentication. hAP ac lite doesn't have UserManager (which is an on-board RADIUS server) in ROS 6.x, so I'd be surprised if it was added in ROS 7.x (where UserManager appears to support the features needed for 802.1x).

You can use filtering by MAC address, but it can be fooled around easily.
Top
 
kapvcop
newbie
Topic Author
Posts: 33
Joined: Sat Oct 20, 2018 4:29 pm

Re: Help with Port security SOS

Thu Jan 14, 2021 11:31 pm

Yes and no - 802.1x is supported like on every Mikrotik device with bridge functionality, but you need an external radius server for the 802.1x authentication. hAP ac lite doesn't have UserManager (which is an on-board RADIUS server) in ROS 6.x, so I'd be surprised if it was added in ROS 7.x (where UserManager appears to support the features needed for 802.1x).

You can use filtering by MAC address, but it can be fooled around easily.
Thanks, It occurs to me that I could enable a radio server on my CCR1036 that it reaches via VPN. What do you think of this plan?
Top
 
kapvcop
newbie
Topic Author
Posts: 33
Joined: Sat Oct 20, 2018 4:29 pm

Re: Help with Port security SOS

Thu Jan 14, 2021 11:32 pm

Radius*
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Help with Port security SOS

Thu Jan 14, 2021 11:35 pm

It occurs to me that I could enable a radio server on my CCR1036 that it reaches via VPN. What do you think of this plan?
If the CCR runs 7.x which is still a beta as of writing this, it could be a solution. If it runs 6.x, the UserManager doesn't provide the necessary RADIUS capabilities.
Top
 
kapvcop
newbie
Topic Author
Posts: 33
Joined: Sat Oct 20, 2018 4:29 pm

Re: Help with Port security SOS

Fri Jan 15, 2021 1:15 pm

It occurs to me that I could enable a radio server on my CCR1036 that it reaches via VPN. What do you think of this plan?
If the CCR runs 7.x which is still a beta as of writing this, it could be a solution. If it runs 6.x, the UserManager doesn't provide the necessary RADIUS capabilities.
Thanks Sindy, then, the better choice is to use a Radius Servet on Windows ir Linux...
Top
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26385
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Help with Port security SOS

Tue Feb 02, 2021 10:19 am

Yes and no - 802.1x is supported like on every Mikrotik device with bridge functionality, but you need an external radius server for the 802.1x authentication. hAP ac lite doesn't have UserManager (which is an on-board RADIUS server) in ROS 6.x, so I'd be surprised if it was added in ROS 7.x (where UserManager appears to support the features needed for 802.1x).

You can use filtering by MAC address, but it can be fooled around easily.
"hAP" means home AP. There are more suitable models for User Manager / RADIUS server functionality
Top
 
AndyBern
just joined
Posts: 18
Joined: Wed Dec 19, 2018 10:53 pm
Contact:
Contact AndyBern

Re: Help with Port security SOS

Fri Feb 12, 2021 4:29 pm

I haven't tried yet, but I think port security can be implemented with Netwatch with a 1 or 2 second time interval.
Top
Post Reply

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot], duquesnoyinfo, Google [Bot], GoogleOther [Bot], jaclaz, Semrush [Bot] and 194 guests
  4. RouterOS
  5. General