I have this issue, a user has placed a wireless router on the LAN and it is giving open access. Looks like he has it setup so that the wireless router is getting an IP from my m0n0wall and the wireless router is then giving out other addresses.
I was thinking if I could juest deny that MAC address from getting an IP address I could stop this from happening, but I dont see where I can deny an IP, I can only deny unkown clients which means I would have to add every other client in there.
Another thought, if this user puts the wireless router into "access Point" mode where it basically just passes along DHCP requests, how can you stop something like this?
|