IP Spoofing? Can't block access

Hi… I am trying to block bandwidth abusers. I use the Balance 20. I can only do this by linking MAC address to IP then creating rule denying traffic. I have a few users who are immune to this. They continue to consume bandwidth even after I’ve blocked their IP. I assume they are spoofing their IP. How can I stop this? Is there a way to limit IPs to just DHCP addresses and not allow static addresses by users outside the DHCP range? Or any other ideas? Help!

Hi Matthew… You could define a smaller network on your LAN by changing the subnet mask and then match that up with the DHCP server settings as well.

Thanks Tim. I may have found my problem. I had made a firewall rule with all all protocols, any addresses and then clicked enable log files. This rule was above some of the rules I made blocking IPs. I think because it has precedence (all addresses and all protocols) the rules below didn’t work. I moved that rule down to the bottom and now blocking seems to be working. Does that make sense?

Hi Matt, yes this makes sense… The firewall rules are enforced from the top of the list and move down from there.

Glad you figured it out :slight_smile:

Thanks Tim. On a related note, without purchasing a more expensive Peplink router, is there any other ways to limit bandwidth, throttle bandwidth or deny bandwidth to users on the Balance 20? Especially torrent users?

You would need to upgrade to the powerful Balance 380 model or above.