IP Spoofing? Can't block access


#1

Hi… I am trying to block bandwidth abusers. I use the Balance 20. I can only do this by linking MAC address to IP then creating rule denying traffic. I have a few users who are immune to this. They continue to consume bandwidth even after I’ve blocked their IP. I assume they are spoofing their IP. How can I stop this? Is there a way to limit IPs to just DHCP addresses and not allow static addresses by users outside the DHCP range? Or any other ideas? Help!


#2

Hi Matthew… You could define a smaller network on your LAN by changing the subnet mask and then match that up with the DHCP server settings as well.


#3

Thanks Tim. I may have found my problem. I had made a firewall rule with all all protocols, any addresses and then clicked enable log files. This rule was above some of the rules I made blocking IPs. I think because it has precedence (all addresses and all protocols) the rules below didn’t work. I moved that rule down to the bottom and now blocking seems to be working. Does that make sense?


#4

Hi Matt, yes this makes sense… The firewall rules are enforced from the top of the list and move down from there.

Glad you figured it out :slight_smile:


#5

Thanks Tim. On a related note, without purchasing a more expensive Peplink router, is there any other ways to limit bandwidth, throttle bandwidth or deny bandwidth to users on the Balance 20? Especially torrent users?


#6

You would need to upgrade to the powerful Balance 380 model or above.