How to keep device connected to lan but block its access to the cloud/web

How to keep device connected to lan but block its access to the cloud/web

How to keep device connected to lan but block its access to the cloud/web
How to keep device connected to lan but block its access to the cloud/web
2024-05-18 14:36:54 - last edited 2024-05-20 11:25:56
Model: Archer VR600  
Hardware Version: V3
Firmware Version: 230809

I have an inverter and I managed to read its data into my smart home system using the modbus protocol. Now I want to keep being able to read its data, so keeping it connected to the lan and accessible by other devices, but block it from accessing the web/internet, so that the data is not sent to the cloud (as a matter of privacy).

From all that I could read my router seems to only be able to totally block the access of a device to the internet AND LAN via the advanced -> security -> access control tab. I would also say that the modbus query is on port 502 of the inverter. Any help in the form of a step-by-step solution is greatly appreciated smiley

  0      
  0      
#1
Options
1 Accepted Solution
Re:How to keep device connected to lan but block its access to the cloud/web -Solution
2024-05-20 09:02:34 - last edited 2024-05-20 11:25:56

  @averter 

 

Hi, you may try Service Filtering.With Service Filtering, you can prevent certain users from accessing the specified service, even block Internet access completely.

    1. Log into the web-based interface via http://tplinkmodem.net

    2. Go to Advanced >Security > MAC Filtering > enable Service Filtering>Select Service Type as Any(ALL) >Select Starting Port as 1, Ending Port as 65535 > then the IP address obtained by your smart home system may have no access to the internet.

Recommended Solution
  0  
  0  
#2
Options
2 Reply
Re:How to keep device connected to lan but block its access to the cloud/web -Solution
2024-05-20 09:02:34 - last edited 2024-05-20 11:25:56

  @averter 

 

Hi, you may try Service Filtering.With Service Filtering, you can prevent certain users from accessing the specified service, even block Internet access completely.

    1. Log into the web-based interface via http://tplinkmodem.net

    2. Go to Advanced >Security > MAC Filtering > enable Service Filtering>Select Service Type as Any(ALL) >Select Starting Port as 1, Ending Port as 65535 > then the IP address obtained by your smart home system may have no access to the internet.

Recommended Solution
  0  
  0  
#2
Options
Re:How to keep device connected to lan but block its access to the cloud/web
2024-05-20 11:25:50

  @Marvin_S 

Thanks Marvin. I might not have been clear, in that it's not the smarthome system that I want to block; that one is getting the data and storing it locally. It's the inverter which needs to be blocked from communicating with the exterior/cloud. I've managed to solve the issue by using a pi-hole raspberry to block the inverter, but I'll accept your solution as recommended nonetheless. I'm also writing below the complete step-by-step process for the benefit of everyone:

  1. In pi-hole user interface go to groups
  2. Create a new group, e.g. "block external" and click add.
  3. Move to the clients tab, select the inverter in the known clients tab, assign it a name, e.g. "solax inverter", and click add

  4. In the group assignment remove it from any default group and put it only in the block external group

  5. Move to the domains tab, add a regex filter with the wildcard .*, comment "entire web" and add to blacklist

  6. Assign the previously defined "block external" group to the regex filter and restart your router.

  7. voilá

  0  
  0  
#3
Options