Every ISP has to deal with bad paying customers. MikroBill offers several solutions for this kind of issue. It is always about customer's authentification, for example if there is MikroBill Radius server used in the network, the bad payers have been redirected to a special page stating the invoice is in overdue and therefore has a limited access to the Internet.

If the API is used for the authentificationand everything is being recorded into the access routers, use following process:

Each customer receives an invoice at the beginning of the month. After a certain time period the invoice gets in an overdue. In this example the overdue begins 14 days after the invoice is issued. The bad payer has been blocked 5 days after the overdue. After another 10 days, 15 days in total, the customer is no longer being connected or invoiced. Everything can be set up in Global configuration:


When the customer gets blocked (e.g. 19 days in overdue), trere are 2 manners how to disconnect him:
One is to erradicate rules from the router - the customer has a record in DHCP leases, Hotspot users, PPP secrets, or in Firewall rules. Relevant record is simply deleted.
Second manner is more elegant - bad payer's IP address is put into an Address List while the administrator creates a rule where to redirect the disconnected customer. Following figure shows how to activate and set the Address List in MikroBill:


Bd payer's IP address has been listed into the Address List. See the following figure showing an example of 3 blocked users and their IP addresses listed in Blocked List (it is possible to pick another name of the blacklist):


Below are rules for redirecting blocked end-users :

/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080 src-address-list=Block

/ip firewall filter add chain=forward src-address-list=Block protocol=udp dst-port=53 action=accept add chain=forward dst-address-list=Block protocol=udp src-port=53 action=accept add chain=forward src-address-list=Block action=drop

/ip proxy set enabled=yes /ip proxy access add action=allow disabled=no dst-address= add action=deny disabled=no redirect-to=""

One important comment - if you use IP Firewall IP/MAC type of authentication in your Mikrobill, you have to put rules for ip firewall to IP firewall in MikroBill, like it's shown below :

© 2013 MikroBill, all rights reserved