foffa
newbie
Topic Author
Posts: 32
Joined: Fri Aug 17, 2007 1:23 am

need to block host (don't know where it comes from)

Sat Jun 21, 2008 3:40 pm

Hello all,

Lately I saw a host appear in the hosts list with a dynamic IP address.

I don't know how an external IP came into my private network.

The IP is 163.121.94.2

I don't know where it comes from. It also tries to log in by MAC ?????!!!! I also don't know why.

Can't trace, can't ping.

Can't block it from my routers.

I tried a lot and a lot.

How do I block that MAC and IP from trying to log in by MAC
and remove that IP from hosts?
Thanks in advance
 
BuccaNET
newbie
Posts: 40
Joined: Fri Mar 28, 2008 4:30 pm

Re: need to block host (don't know where it comes from)

Sat Jun 21, 2008 5:58 pm

To drop all packets coming to your router from that address:

/ip firewall filter add chain=input src-address=163.121.94.2 action=drop

However, that person can just change their IP and try again from a new IP. I don't think there is a way to block by MAC address. If not, that is a good suggestion.

If you are not using mac-telnet you can disable it:
/tool mac-server print
/tool mac-server disable 0
or
/tool mac-server remove 0

If you don't use static IPs on your network and only use DHCP, you can disable ARP queries, but be sure to add add-arp to your DHCP server.
/ip dhcp-server set <dhcp> add-arp=yes
/interface ethernet set Local arp=reply-only

You can also restrict connecting to the router to only your IP:
/ip firewall filter add chain=input src-address=<yourIP> action=accept
/ip firewall filter add chain=input action=drop
Be careful not to lock yourself out though, and you might want to set up a static MAC address mapping for your computer.

Cory
 
meconet
Trainer
Posts: 101
Joined: Wed Mar 23, 2005 12:02 pm
Location: Germany

Re: need to block host (don't know where it comes from)

Sun Jun 22, 2008 11:01 am

You can block MAC addresses in the bridge firewall ruleset.


Regards
Lutz
 
foffa
newbie
Topic Author
Posts: 32
Joined: Fri Aug 17, 2007 1:23 am

Re: need to block host (don't know where it comes from)

Sun Jun 22, 2008 7:14 pm

13:37:20 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.7): login failed: invalid username or password
13:38:03 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.20): trying to log in by mac
13:38:03 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.20): login failed: invalid username or password

Here is what I see in the log.

Also, that MAC address appears in the hosts window with the IP 163.121.94.2.

I applied the rules you mentioned, guys, and I am still having this issue ??!!!!!
HEEEEEEEEEELP
 
meconet
Trainer
Posts: 101
Joined: Wed Mar 23, 2005 12:02 pm
Location: Germany

Re: need to block host (don't know where it comes from)

Sun Jun 22, 2008 7:46 pm

Hm, first of all, this is the way an open HotSpot works. It's an open WLAN, but in the end you need credentials to use the infrastructure. So where is the problem? Because of the missing username/password, this user can't log in and use your HotSpot for internet access.

I believe if you exclude this MAC, he will try to log in with another WLAN card / MAC.

There are different possibilities to secure this environment, but first of all you should think about all the changes if you secure the WLAN. You will find how-tos in the manual.


Regards
Lutz
 
foffa
newbie
Topic Author
Posts: 32
Joined: Fri Aug 17, 2007 1:23 am

Re: need to block host (don't know where it comes from)

Sun Jun 22, 2008 8:23 pm

This is not a wireless network at all.

This network has 2 routers and 1 network and hotspot active, that is all.

The main problem is that this MAC always tries to log in by MAC.

Sometimes it uses other users' IP !!!!!

This causes the user to hang :S

Any suggestions?
 
BuccaNET
newbie
Posts: 40
Joined: Fri Mar 28, 2008 4:30 pm

Re: need to block host (don't know where it comes from)

Mon Jun 23, 2008 5:24 pm

OK I think I found it. If you really want to drop this user's MAC.

/ip firewall filter add chain=input action=drop src-mac-address=00:1D:0F:E2:E3:D0 \
    comment="Drop connections to the router"

/ip firewall filter add chain=forward action=drop src-mac-address=00:1D:0F:E2:E3:D0 \
    comment="Drop connections through the router"

But then he can just spoof another MAC address (if he knows how) and keep trying.
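
Added example, not part of any post in this thread: a small Python script that reads hotspot log lines in the format quoted above and reports, per MAC address, which IP addresses it appeared with and how often its login failed, which is the pattern described in the thread (one MAC showing up under several addresses, including other users'). It assumes the log has been exported as text with one entry per line; the function names and the last sample line are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the hotspot log quoted in the thread
# (wrapped lines joined; the 13:39:10 entry for a second MAC is made up).
SAMPLE_LOG = """\
13:37:20 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.7): login failed: invalid username or password
13:38:03 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.20): trying to log in by mac
13:38:03 hotspot,info,debug 00:1D:0F:E2:E3:D0 (10.0.0.20): login failed: invalid username or password
13:39:10 hotspot,info,debug 00:11:22:33:44:55 (10.0.0.31): login failed: invalid username or password
"""

LINE_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2})\s+hotspot,\S+\s+"
    r"(?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+"
    r"\((?P<ip>\d{1,3}(?:\.\d{1,3}){3})\):\s+(?P<msg>.+)$"
)

def parse(log_text):
    """Yield (time, mac, ip, message) for each hotspot line that matches."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m["time"], m["mac"].upper(), m["ip"], m["msg"]

def summarize(log_text):
    """Per MAC: IPs seen, failed logins, and login-by-MAC attempts."""
    stats = defaultdict(lambda: {"ips": set(), "failed": 0, "mac_attempts": 0})
    for _time, mac, ip, msg in parse(log_text):
        entry = stats[mac]
        entry["ips"].add(ip)
        if msg.startswith("login failed"):
            entry["failed"] += 1
        elif msg.startswith("trying to log in by mac"):
            entry["mac_attempts"] += 1
    return dict(stats)

def suspicious(log_text, min_ips=2):
    """MACs seen with at least min_ips addresses and at least one failed login."""
    return sorted(
        mac for mac, s in summarize(log_text).items()
        if len(s["ips"]) >= min_ips and s["failed"] > 0
    )

if __name__ == "__main__":
    for mac, s in summarize(SAMPLE_LOG).items():
        print(mac, sorted(s["ips"]), "failed:", s["failed"], "by-mac:", s["mac_attempts"])
    print("review:", suspicious(SAMPLE_LOG))
```

A MAC flagged this way is a candidate for the MAC-based drop rules discussed in the thread, keeping in mind the point made in the replies that the address can be changed.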
