This is one of the features in hotspot which is very important to know that , As you are working in ISP and you are having a big customer-base in that case once all of your will be connected to the hotspot interface in that case you can see some of the IP list in your HOTSPOT's host lists which is not your LAN ip .SO you have to block all the IP address except your LAN IP .
Here in my case I am using 4 IP pools which is given below .
100.0.1.1/24
100.0.2.1/24
100.0.3.1/24
100.0.4.1/24
But I am going to see in hotspots host list it's showing me some IP pools which is not being used in my network. So i have to block all the IP except my LAN ip .
As you can see in my below picture , I have allowed all my network and in the end i have blocked all the IP which means (0.0.0.0/0). This rules means all the IP's will be blocked except my 4 ip pool ,
NOTE;-The blocking rules should be in last .Because if there is permitted rule which is existed after the denying rule in that case the permitted rule will not work .So the block or deny rules should be in the last . Because the rules are checking in ascending order(0--1--2--3--3---4...100).
Please find the commands below .
/ip hotspot ip-binding
add address=100.0.1.0/24
add address=100.0.2.0/24
add address=100.0.3.0/24
add address=100.0.4.0/24
add address=0.0.0.0/0 type=blocked
No comments:
Post a Comment