Page 1 of 1

strange IP segments into my hotspot pool...

Posted: Tue May 26, 2009 7:20 am
by mushmx
Hi guys

I have a strange case with my Hotspot the last days, Into the section "IP/Hostpot/Host" many IPs with diferent segments that my pool don't have, some like this:

My pool (10.5.50.2-10.5.50.254)

Example:
# MAC-ADDRESS ADDRESS TO-ADDRESS SERVER IDLE-TIMEOUT
0 P ;;; Biblioteca
00:0C:42:0A:CC:XX 10.5.50.184 10.5.50.184 hotspot1 1h
00:0C:42:0A:DD:XX 10.5.50.100 10.5.50.100 hotspot1 1h
00:0C:42:0A:AA:XX 10.5.50.10 10.5.50.10 hotspot1 1h
....
....
....
00:0C:10:CC:DD:AA 192.168.71.100 10.5.50.123 hotspot1 1h <------Strange IP Address
00:0D:12:CC:22:EE 172.16.71.10 10.5.50.145 hotspot1 1h <------Strange IP Address
00:0D:12:CC:22:EE 172.16.71.10 10.5.50.145 hotspot1 1h <------Strange IP Address
0A:0E:09:AA:22:BB 172.16.71.10 10.5.50.145 hotspot1 1h <------Strange IP Address

These IP's obtains the client and they can't login into the hotspot.

Does anybody know why happening that?

Maybe it spoofing or IP Injection?

Please some tips to resolve the trouble!!

thanks

Re: strange IP segments into my hotspot pool...

Posted: Tue May 26, 2009 4:21 pm
by sergejs
It might bet that some clients use bridges/routers to connect to HotSpot.

Use ip-binding to allow HotSpot access only from /ip pool subnet,
/ip hotspot ip-binding add address=x.x.x.x/24 type=regular

and drop all other addresses,
ip-binding add type=blocked

Re: strange IP segments into my hotspot pool...

Posted: Tue May 26, 2009 7:08 pm
by mushmx
Thanks for the tip

I add the next rule in IP Binding

add address=10.5.50.0/24 disabled=no server=hotspot1
add address=0.0.0.0/0 disabled=no server=hotspot1 type=blocked

I hope that help me.

Thanks again