[Mikrotik] Restrict hotspot interface from snooping

Josh Luthman josh at imaginenetworksllc.com
Wed Jun 6 08:34:05 CDT 2012


That would let them snoop on the office network.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Jun 6, 2012 7:50 AM, "Scott Reed" <sreed at nwwnet.net> wrote:

> What about accept src-address=172.31.31.0/24 out-interface=WAN
> and deny everything else?
>
> On 6/6/2012 1:20 AM, Josh Luthman wrote:
>
>> I have an insecured wifi (virtual AP) on my home router.  I don't mind
>> people using it.  I do want to make it impossible for them to ever
>> reach anything they shouldn't.  If I do a new subnet on ether5 or my
>> known subnet on ether2 (home LAN).
>>
>> I was thinking I could do something like accept
>> src-address=172.31.31.0/24 dst-address=gateway and then drop
>> everything else with that src but if it's masqueraded, would that
>> work?  Doesn't seem to, but I haven't tested it thoroughly.
>>
>> Any other suggestions or methods to try?
>>
>> Josh Luthman
>> Office: 937-552-2340
>> Direct: 937-552-2343
>> 1100 Wayne St
>> Suite 1337
>> Troy, OH 45373
>> ______________________________**_________________
>> Mikrotik mailing list
>> Mikrotik at mail.butchevans.com
>> http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>>
>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> RouterOS
>>
>>
>> -----
>> No virus found in this message.
>> Checked by AVG - www.avg.com
>> Version: 2012.0.2178 / Virus Database: 2433/5046 - Release Date: 06/05/12
>>
>>
>>
> --
> Scott Reed
> Owner
> NewWays Networking, LLC
> Wireless Networking
> Network Design, Installation and Administration
>
>
>
> Mikrotik Advanced Certified
>
> www.nwwnet.net
> (765) 855-1060
> (765) 439-4253
> (855) 231-6239
>
>
> ______________________________**_________________
> Mikrotik mailing list
> Mikrotik at mail.butchevans.com
> http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/6be2b2b1/attachment.html>


More information about the Mikrotik mailing list