Sorry for bringing this back up but what happens if customer is using " Xbox, Roku, Smart TV, or iPhone app or Android apps" how would I block/suspend them customers then?
Tim -----Original Message----- From: "Cameron Crum" <[email protected]> To: [email protected] Date: 12/29/15 02:09 PM Subject: Re: [AFMUG] redirect customers ip to nonpayment page on miktroik Yes. When you add an ip to the a list, if you've ever created that list before or rules that deal with the list, it will be available in the dropdown for the list name. Alternatively, you can type it in. Keep in mind it is case sensitive. We automate this through Wispmon so when a customer gets suspended, it ssh's to the router and runs the command /ip firewall address-list add address=10.x.x.x list=suspended On Tue, Dec 29, 2015 at 12:47 PM, Josh Luthman <[email protected]> wrote: When you add the firewall rules you'll "create" the address-list. When you add IPs to it, you'll see it in the drop down menu (I'd suggest this over typing it when adding IPs to rule out mistakes). Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Dec 29, 2015 at 1:44 PM, Tim Reichhart <[email protected]> wrote: Cameron do I need to make an separate list for suspended customer name with ip address with this code? Tim -----Original Message----- From: "Cameron Crum" <[email protected]> To: [email protected] Date: 12/29/15 01:20 PM Subject: Re: [AFMUG] redirect customers ip to nonpayment page on miktroik and that nat rule needs to be at the top of your rules. On Tue, Dec 29, 2015 at 12:19 PM, Cameron Crum <[email protected]> wrote: Here is the setup script...obviously you need to adjust the urls and address range on the last line to fit your needs. /ip firewall filter add action=accept chain=input comment=\ "Allow Proxy - redirect suspended users" disabled=no dst-port=16099 \ protocol=tcp add action=jump chain=forward disabled=no jump-target=Suspended \ src-address-list=suspended add action=accept chain=Suspended disabled=no dst-port=443 protocol=tcp add action=accept chain=Suspended disabled=no \ dst-port=53 protocol=udp add action=log chain=Suspended disabled=no dst-address-list=!PaymentGateway \ limit=5/1m,10 log-prefix="" add action=reject chain=Suspended disabled=no reject-with=\ icmp-admin-prohibited /ip firewall nat add action=redirect chain=dstnat comment="Redirect Rule for suspend users - chan\ ge To Address under action to portal page" disabled=no dst-port=80 \ protocol=tcp src-address-list=suspended to-ports=16099 /ip proxy set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=\ yes max-cache-size=none max-client-connections=600 max-fresh-time=3d max-server-connections=\ 600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=16099 serialize-connections=no src-address=\ 0.0.0.0 /ip proxy access add action=allow disabled=no dst-host=www.mycompany.com add action=deny disabled=no redirect-to=https://www.mycompany.com/redirectpage.html src-address=\ 10.x.x.x/x On Tue, Dec 29, 2015 at 12:14 PM, Ken Hohhof <[email protected]> wrote: With everyone switching to "devices" and "apps", some people never see a redirect or in-browser notification. If it doesn't show up on the Xbox, Roku, Smart TV, or iPhone app, they never see it. From: [email protected] Sent: Tuesday, December 29, 2015 11:47 AM To: [email protected] Subject: Re: [AFMUG] redirect customers ip to nonpayment page on miktroik http://www.perftech.com/ From: Cameron Crum Sent: Tuesday, December 29, 2015 10:28 AM To: [email protected] Subject: Re: [AFMUG] redirect customers ip to nonpayment page on miktroik If your customers have static ip assignments you can use an address list and web proxy. If not, then there probably is no other way. On Tue, Dec 29, 2015 at 11:25 AM, Tim Reichhart <[email protected]> wrote: I am looking to redirect customers ip to non-payment page on miktroik and I do nat at core router and i dont have radius setup. Tim
