When Mikrotik is reset, the default configuration is applied.
Mikrotik’s default configuration includes:
- A DHCP server
- A NAT rule applied to all networks
Those 2 configurations are responsible of allowing access to all users.
Here is how to fix that:
1- Disabling the DHCP Server
Go to IP > DHCP Server and disable the server as shown in the screenshot below:
2- Disable the NAT rule applied to all networks
- Go to IP > Firewall > NAT
- You’ll find a rule that has an empty src-nat IP range. It means, it does not restrict Internet to a specific range, just any range can have Internet access.
- You need to disable this rule as shown in the screenshot below:
Congrats, your users now have to authenticate before they can connect to the internet.
For more readings about configuring a basic PPP server that allows users to authenticate before having Internet access, check the following post: Basic ISP configuration using Mikrotik Routerboard