Community discussions

MikroTik App
 
hrober
newbie
Topic Author
Posts: 41
Joined: Fri Jun 02, 2006 3:32 pm
Location: Brazil

PPPoE and blocking customer

Mon Nov 12, 2007 3:39 pm

Hi guys.

I'm thinking to migrate my network to PPPoE, delivering ip automaticaly (pool of ips, not fixed). Today I block a customer with some firewall rules on the gateway (ip addressing is fixed today), redirecting all http request to page warning about the reason of block.

With PPPoE, using randon ip address, How can I do it ? is there radius attribute to MARK (on firewall) the user connection ?

thx
 
User avatar
winxp2000
Member Candidate
Member Candidate
Posts: 113
Joined: Mon Jan 30, 2006 8:57 pm
Location: China
Contact:

Re: PPPoE and blocking customer

Tue Nov 13, 2007 9:20 am

Block his MAC address.
 
User avatar
t3rm
Member Candidate
Member Candidate
Posts: 143
Joined: Sat Aug 04, 2007 1:57 pm
Location: Bandung - WJ - Indonesia

Re: PPPoE and blocking customer

Tue Nov 13, 2007 11:05 am

Hi guys.

I'm thinking to migrate my network to PPPoE, delivering ip automaticaly (pool of ips, not fixed). Today I block a customer with some firewall rules on the gateway (ip addressing is fixed today), redirecting all http request to page warning about the reason of block.

With PPPoE, using randon ip address, How can I do it ? is there radius attribute to MARK (on firewall) the user connection ?

thx

With PPPoE you can still give your users static ip.

:lol:
 
hrober
newbie
Topic Author
Posts: 41
Joined: Fri Jun 02, 2006 3:32 pm
Location: Brazil

Re: PPPoE and blocking customer

Tue Nov 13, 2007 1:20 pm

With PPPoE you can still give your users static ip.
t3rm thx for reply,

I know this feature, but in this way, I'll must create static firewall rules. I'd like to create rules dynamically.
Something like it:

"change radius attribute and user traffic go to block chain on the firewall"

I found the Filter-ID attribute, but it not work for me, because the traffic through by filter chain, and I need that it through by dstnat chain/nat table (I need make dnat in http request).

Do you understanding me ?
 
UniKyrn
Member Candidate
Member Candidate
Posts: 245
Joined: Fri Dec 24, 2004 9:27 pm
Location: Spokane, WA

Re: PPPoE and blocking customer

Tue Nov 13, 2007 5:43 pm

If they're authenticating to your network via PPPoE, why don't you simply change their password to block them?
 
hrober
newbie
Topic Author
Posts: 41
Joined: Fri Jun 02, 2006 3:32 pm
Location: Brazil

Re: PPPoE and blocking customer

Tue Nov 13, 2007 9:00 pm

If they're authenticating to your network via PPPoE, why don't you simply change their password to block them?
Because I need redirect all http traffic to my http-server warning the customers about the reason of block.

thank you
 
UniKyrn
Member Candidate
Member Candidate
Posts: 245
Joined: Fri Dec 24, 2004 9:27 pm
Location: Spokane, WA

Re: PPPoE and blocking customer

Tue Nov 13, 2007 9:17 pm

I have to suspect that if they can't login to your network, they'll call and you can tell them the reason they're blocked that way. :)

If you let them on your network, I'd recommend that you at least assign them an IP that you don't route to the Internet. Then route all traffic from that IP network to your webserver using port forwarding at the AP.
 
hrober
newbie
Topic Author
Posts: 41
Joined: Fri Jun 02, 2006 3:32 pm
Location: Brazil

Re: PPPoE and blocking customer

Wed Nov 14, 2007 7:20 pm

I have to suspect that if they can't login to your network, they'll call and you can tell them the reason they're blocked that way. :)

If you let them on your network, I'd recommend that you at least assign them an IP that you don't route to the Internet. Then route all traffic from that IP network to your webserver using port forwarding at the AP.
It's not the best solution, but work too. :-)

Who is online

Users browsing this forum: Bing [Bot], erlinden, gigabyte091, onnyloh, reinerotto, TheCat12 and 69 guests