Answer the question
In order to leave comments, you need to log in
Why doesn't Kerio Control see client MACs behind the Mikrotik gateway?
Good afternoon! The question may seem strange and running into RTFM, but I can’t formulate it for a normal search query in google ...
There is Mikrotik Hex S, which is a gateway for local network computers. He is responsible for internal routing between the central building and 8 remote clinics, connected via openVPN and RRAS. Everything works fine, there is no need to prescribe routes anywhere, I do everything exclusively on it.
After Mikrotik, I have Kerio Control, which already manages guest Wi-Fi and distributes the Internet to all clients of the local network of the central building.
On Mikrotik, the only thing that is prescribed for client access to the Internet is IP-Routes 0.0.0.0/0 leading to IP Kerio Control. Neither NAT nor Firewall Rules are used to access the Internet on Mikrotik... Everything that is on the Internet is controlled by Kerio.
But in Kerio Control, when I look at clients in Active Hosts, I observe the IP addresses of machines and all have the only MAC address - this is Mikrotik's MAC.
I am more a practitioner than a theoretician, I feel in my gut that this is how it should be, however, from time to time, some clients skip their "native" MAC, but then return to Mikrotik again. And the inner perfectionist wants to be able to manage and observe clients by MAC too...
Thanks in advance!
Answer the question
In order to leave comments, you need to log in
And why should behind the gateway?
MAC is L2. If you route traffic, but do not switch - this is L3, there will be no MAC addresses from different networks here.
If you want to see the MAC - reconfigure everything into one L2 segment. It just doesn't make sense.
There is only a packet in the networks, on l2 the packet goes from one poppy to another, on l3 from one ip to another. Draw for your case where and how packages are encapsulated in a simplified form and everything will fall into place. Those. there is a computer, it sends a packet to Mikrotik, and write down what will happen to this packet further and what addresses will be where.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question