Skip to content Skip to sidebar Skip to footer

Restrict connection sharing with 'Change TTL' In MikroTik

Article

Restrict connection sharing with 'Change TTL'


By using MikroTik we can limit the connection of the client. For example when we need a network setting where the connection can only be done with one device. If we want to spread the connection again, then it can not be done.


Such mechanisms may be used to limit wireless connection sharing in public areas or hotspot services. This is intended so that the connection can only be used by devices connected directly to the router, and can no longer be shared by the device from the client (especially sharing the connection using the router).


Then, how is the configuration in MikroTik for the above needs?



Restrict connection sharing with Change TTL In MikroTik.PNG


The outline of the configuration is that we will change the TTL (Time To Live) value of the packet download leading to the client. Here we'll change it to a value of '1'. For mikrotik itself we can do that configuration on the firewall menu mangle.


Firewall Mangle Restrict connection sharing with Change TTL In MikroTik.PNG


After the above configuration is added, when tested for connected devices directly can access the internet. While the device is connected through connection sharing, it cannot access the internet.

Ping Smartphone Restrict connection sharing with  Change TTL  In MikroTik.PNG

Test PING from Smartphone


Test Ping Wireless Restrict connection sharing with Change TTL In MikroTik.PNG
Test Ping Client


If seen from each PING test performed on both devices above is visible for the TTL value to '1'. While the PING test conducted on the device connected to the Wireless Router Client will automatically 'Request Timeout'. This is because the packet heading to the device is dropped because of the TTL value in packet header '0 (Zero)'.


If ping test is done from AP Router with the purpose of the device connected to the wireless router client will appear error with status 'TTL Exceeded'.


TTL Restrict connection sharing with Change TTL In MikroTik.PNG


Note:

Conceptually any packet data that passes through the network from 'source address' to 'destination address' will be added ttl value information. This TTL value will be subtracted one by one each passing through the gateway (Layer3 device/Router).

Dani31
Dani31 2012 pertamakali Melakukan Blongging dani31 great web for support dani31 About Me About Me dani31