RESOLVED - UPDATE 4 **** RE450 - Rogue Connected 2.4ghz Clients ****

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

RESOLVED - UPDATE 4 **** RE450 - Rogue Connected 2.4ghz Clients ****

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
RESOLVED - UPDATE 4 **** RE450 - Rogue Connected 2.4ghz Clients ****
RESOLVED - UPDATE 4 **** RE450 - Rogue Connected 2.4ghz Clients ****
2021-03-10 16:28:29 - last edited 2021-03-11 20:35:17
Model: RE450  
Hardware Version: V3
Firmware Version: 1.0.2 Build 20201203 Rel. 80349

Ever since upgrading to 1.0.2 Build 20201203 Rel. 80349 I am experiencing a rogue wifi attachments on the 2.4ghz network side of my RE450 extender.

 

The MAC addresses are always the same and always immediately attach after the RE450 device is started.  

 

The addresses are in the form of  D4-DA-CD-xx-xx-xx. and. D6-ED-66-xx-xx-xx.

 

Looking this up the first one equates to a BSkyB device and I don't have anything of this nature in my house.  I have no Sky Q box or other Sky extenders.  For my sins I'm a Virgin Media customer with wifi sharing turned off.  The MAC addresses do not appear to connect to the Virgin Hub 3 network with the extender switched off.  So either the signal is too weak for it to get to the main Hub 3 or its an issue solely related to the RE450.  I have no idea what the second MAC address relates to.  It is unknown in the MAC address vendor list.  I have made sure none of these addresses match any of my private iOS14 addresses on my iOS devices.

 

I have not shared the network password so I have no idea how this device is attaching.  WPS is turned off on the Hub 3.  More strangely, changing the wifi access password has no effect either and the devices reappear as connected after the RE450 restarts.  The only way to not have them connect is to put them in the blacklist of the access control, which I have now had to do.  I simply cannot stop them connecting to the RE450.  No matter what I do and I don't know where the devices are, if indeed they are real.  They are not connecting to the Hub 3 with the RE450 switched off.  

 

Once blacklisted no other rogue devices are appearing.  Just these 2.  I have switched everything off in my house apart from my laptop and the extender and sure enough the rogue devices appear immediately.

 

Can anyone help me with this or make any suggestions.  My clients are soley Mac and iOS devices with a smattering of smart home kit.  Again TPlink mainly.

 

I think I may try a complete factory reset tomorrow and rebuild my RE450 blacklist and config from scratch (easy enough).

 

Many Thanks in advance

RADAR

 

***** UPDATED *****

I have now renamed the networks on the RE450 extender so they are different to my Hub 3 names.  Very, very worryingly the 2 rogue devices immediately appear as attached to the 2.4ghz network there. How is this possible? The network name is completely new and, as above, even with a new wifi password they also immediately appear as attached.

I am now going to factory reset the device and try again to see what happens.

 

***** UPDATE 2 *****

I am now at an utter loss.  I have factory reset the RE450, downgraded the firmware to 1.0.1 Build 20190124 Rel. 56886 and the issue still occurs.  The 2 MAC addresses immediately become attached.

Worst still is that I have now completely reconfigured my Hub 3 with new 2.4 and 5ghz network names and passwords, reconfigured the RE450 to attach and these 2 rogue devices are right there, attached as soon as the RE450 reboots.  They cannot possibly know the new password or network names yet they are attached.  HOW IS THIS POSSIBLE??

For now I am resetting everything back to how it was before and blacklisting the 2 devices as nothing else attaches when that are added to the access list.  I'll upgrade the firmware back top what it was and hope for the best and that someone can see this post and give some guidance.  To reiterate I have switched off ALL wifi devices on my network, checked the rogue devices are not iOS14 private MAC and they still appear from nowhere. 

 

***** UPDATE 3 *****

I am now beginning to wonder and doubt myself.  Could it be that these 2 addresses are in fact something to do with the Hub 3 and not a rogue outside client?  I know the one MAC address has been identified as BskyB but where on earth else could the clients be coming from so immediately and after a full network name / password change??  I have tried everything I can think of tio rid myself of these clients but they always return.

 

***** UPDATE 4 *****

For anyone interested oin a plausible, rational explaination to this issue, please refer to this URL:

https://community.virginmedia.com/t5/Networking-and-WiFi/MAC-address-Query/td-p/4651462/highlight/false

  0      
  0      
#1
Options