Community discussions

MUM Europe 2020
 
User avatar
kolorasta
Member Candidate
Member Candidate
Topic Author
Posts: 299
Joined: Sun Jun 25, 2006 11:55 pm
Location: Argentina

Rougue DHCP server

Tue Oct 30, 2007 2:07 am

I have read other post but they suggest using some apps to find rouge dhcp server...
but this is not what i want... i want some firewall rules only allow dhcp leases from my dhcp server.

Las weekend i had lot of problems because accidentally a client plug internet connection in the lan port of his router instead of plugging it in the wan port.... ahhhhhhhh lot of headache
 
User avatar
jwcn
Forum Guru
Forum Guru
Posts: 1501
Joined: Sun Aug 27, 2006 6:49 am
Location: Maryland, USA
Contact:

Re: Rougue DHCP server

Tue Oct 30, 2007 2:54 am

Same problem here. You should be able to filter DHCP requests through the firewall but what about the clients that aren't connecting through a firewall i.e. on the same AP?
 
User avatar
Letni
Member
Member
Posts: 375
Joined: Tue Dec 05, 2006 5:16 am
Location: South Carolina

Re: Rougue DHCP server

Tue Oct 30, 2007 4:38 am

I do not do a lot of wireless AP's with mikrotik, but I have read that you can uncheck the 'default forward' option to stop clients from passing traffic to each other on the same AP. This may help you. Otherwise I think you would have to add a /bridge filter rule to match and drop what you want.

-Louis
 
User avatar
Gunzoid
Frequent Visitor
Frequent Visitor
Posts: 90
Joined: Tue Jun 12, 2007 6:21 am
Location: New Hampshire, USA
Contact:

Re: Rougue DHCP server

Tue Oct 30, 2007 4:42 am

That happened to me last year. I tracked it down by foot and smashed it into a thousand pieces.
Very satisfying.
 
User avatar
kolorasta
Member Candidate
Member Candidate
Topic Author
Posts: 299
Joined: Sun Jun 25, 2006 11:55 pm
Location: Argentina

Re: Rougue DHCP server

Tue Oct 30, 2007 5:20 am

Same problem here. You should be able to filter DHCP requests through the firewall but what about the clients that aren't connecting through a firewall i.e. on the same AP?
i think that Lerni is right... you have to disable "default forward" in the ap (and in every client in the access list, if you have any) and then use firewall rules in the AP... WHAT RULES??? that's what i wanna know
 
User avatar
tgrand
Long time Member
Long time Member
Posts: 671
Joined: Mon Aug 21, 2006 2:57 am
Location: Winnipeg, Manitoba, Canada

Re: Rougue DHCP server

Tue Oct 30, 2007 6:25 am

Here is a link to a message which has enough information to create your required rules:

http://forum.mikrotik.com/viewtopic.php ... hilit=dhcp
 
User avatar
kolorasta
Member Candidate
Member Candidate
Topic Author
Posts: 299
Joined: Sun Jun 25, 2006 11:55 pm
Location: Argentina

Re: Rougue DHCP server

Thu Feb 28, 2008 2:29 pm

suppose that 192.168.2.1 is my dhcp server.
i want to block rogue dhcp servers in my network

putting this rule in ip/firewall/filter in every MT device in my network will block leases from rogue dhcp servers???

chain=forward action=drop dst-address=!192.168.2.1 dst-port=67 protocol=tcp

Who is online

Users browsing this forum: No registered users and 25 guests