Re: [Mikrotik] Restrict hotspot interface from snooping

Wed, 06 Jun 2012 06:59:59 -0700 

Deny those addresses before the accept the port


On 6/6/2012 9:34 AM, Josh Luthman wrote:

That would let them snoop on the office network.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Jun 6, 2012 7:50 AM, "Scott Reed"<sr...@nwwnet.net>  wrote:


What about accept src-address=172.31.31.0/24 out-interface=WAN
and deny everything else?

On 6/6/2012 1:20 AM, Josh Luthman wrote:


I have an insecured wifi (virtual AP) on my home router.  I don't mind
people using it.  I do want to make it impossible for them to ever
reach anything they shouldn't.  If I do a new subnet on ether5 or my
known subnet on ether2 (home LAN).

I was thinking I could do something like accept
src-address=172.31.31.0/24 dst-address=gateway and then drop
everything else with that src but if it's masqueraded, would that
work?  Doesn't seem to, but I haven't tested it thoroughly.

Any other suggestions or methods to try?

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
______________________________**_________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS


-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2178 / Virus Database: 2433/5046 - Release Date: 06/05/12




--
Scott Reed
Owner
NewWays Networking, LLC
Wireless Networking
Network Design, Installation and Administration



Mikrotik Advanced Certified

www.nwwnet.net
(765) 855-1060
(765) 439-4253
(855) 231-6239


______________________________**_________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS


-------------- next part --------------
An HTML attachment was scrubbed...
URL:<http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/6be2b2b1/attachment.html>
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS


-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2178 / Virus Database: 2433/5051 - Release Date: 06/06/12




--
Scott Reed
Owner
NewWays Networking, LLC
Wireless Networking
Network Design, Installation and Administration



Mikrotik Advanced Certified

www.nwwnet.net
(765) 855-1060
(765) 439-4253
(855) 231-6239


_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Reply via email to