Question
Idea to block NAT-Router searched
Hi,
I have some clients who are installing a NAT-Router behind the Firewall to span their own WIFI. The NAT devices are from different vendors with different MACs.
Has anyone an idea how to detect these NAT-devices irrespective of their MAC / IP-adress and how to deny all the traffic from these devices?
My intent is to block all traffic, where IP pakets have a different ttl than 128 / 64 but how can I solve this with fortinet.
Regards
Robert