Block MAC after access point

Started by lmpzkt

Block MAC after access point   10 June 2014, 20:36

Internet ( 192.168.1.1 )
|
SPBM

TP-Link AP rule .....Both 100 KB/s TCP/UDB AP W&WL MAC Any:any Lan

Block all rule .........Both Blocked TCP/UDB 192.168.0.0-192.168.255.255:any Any:any Lan
|
TP-Link AP
|
WIFI ( 192.168.0.1 )
|
User ( 192.168.0.x )


After the access point many users can access the Internet with the 100 KB/s speed I set. How can I block MACs after AP?
SoftPerfect Support forum - Andrew avatar image

Re: Block MAC After Access Point   10 June 2014, 22:09

What are you trying to achieve?

Your first rule allows all communications with the AP, which may also include all clients behind it. It depends on whether the AP substitutes their MAC address with its own. If that's the case, the second rule does nothing.

Re: Block MAC After Access Point   12 June 2014, 00:47

Ok...
All wire clients have ip range 192.168.1.X work fine and the block rule prevent any new MAC from access to the Internet.
All wireless clients after AP can access the Internet and the block rule only affect on the AP mean that I can control the whole AP bandwidth.

The question here how the block rule will work with clients ip range 192.168.0.X that AP DHCP give to them?

I remove all rules and I let only block rule.
Block all rule .........Both Blocked TCP/UDB 192.168.0.0-192.168.255.255:any Any:any Lan

I need to connect AP to the SPBM Lan Nic and block any wireless clients expect other that I add there MAC to with ip range 192.168.0.X

Thanks
SoftPerfect Support forum - Andrew avatar image

Re: Block MAC After Access Point   12 June 2014, 11:45

The question is whether the AP conceals client MAC addresses or not.

In order to find out, create a rule with tracking turned on. With tracking enabled you can see what IP addresses and MAC addresses reach BM:

SoftPerfect support forum

Re: Block MAC After Access Point   14 June 2014, 19:16

I try to make this rule, but I don't know which (Protocol, Source, Destination, Tracking mode) I should chose.
So please can you explain more?

Re: Block MAC After Access Point   14 June 2014, 23:18

OK...
I created a rule:
Monitor Both Unlimited IPv4 based 192.168.1.2 - 192.168.1.254 Any Lan Tracking mode IP address for each source

I search the network with SPNS and found that every pc behind the AP have the AP MAC. Now we know that the AP changed the clients MAC to the AP MAC. So what is the next step?
SoftPerfect Support forum - Andrew avatar image

Re: Block MAC After Access Point   15 June 2014, 16:30

Well if the AP conceals all client MAC addresses under its own, you have to either configure it not to do so, or allow/block clients based on their IP address (that's provided the AP doesn't substitute their IP addresses also).

Re: Block MAC After Access Point   20 June 2014, 17:58

It's all about AP configuration...
In my case I have Nanostation M2 configure as AP after BM and TP-Link AP configure as Repeater. Now BM see all clients MAC after TP-Link AP. The problem was in TP-Link AP configuration, after change it to repeater every thing is going ok.

Thanks

Reply to this topic

Sometimes you can find a solution faster if you try the forum search, have a look at the knowledge base, or check the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • Write in English. If possible, check your spelling and grammar.

Author:

Email:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 ********   **     **  **     **  **     **  **     ** 
 **     **  ***   ***  **     **  **     **  **     ** 
 **     **  **** ****  **     **  **     **  **     ** 
 ********   ** *** **  **     **  **     **  **     ** 
 **         **     **  **     **  **     **  **     ** 
 **         **     **  **     **  **     **  **     ** 
 **         **     **   *******    *******    *******  

Message: