XE-75 - is there any way to block all new connections until authorized?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

XE-75 - is there any way to block all new connections until authorized?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
XE-75 - is there any way to block all new connections until authorized?
XE-75 - is there any way to block all new connections until authorized?
2023-12-14 05:43:15 - last edited 2023-12-14 05:46:32
Model: Deco XE75 Pro  
Hardware Version:
Firmware Version:

I got a problem. There is a feature on the current mobile clients, letting them fake the MAC address. As a result, there is no way to block a particular user from accessing Internet because every time this user can use a new MAC address. In the past I've used another brand WiFi router, having ability to block any unknown user from accessing the Internet or even my LAN. It was very convenient to see all new connected devices and decide either each one has access to the Internet or not. Even more, this old router was able to reject any connection to my LAN/WiFi if the MAC address is unknown and I was given a list of the wishing to connect clients, so I could decide if I let them connect and which IP address to reserve. It seems to me this feature is not available in XE75. There is some limited "family" functionality, but it's very poor and not enough for my purpose.

  0      
  0      
#1
Options
3 Reply
Re:XE-75 - is there any way to block all new connections until authorized?
2023-12-14 18:26:41

  @DimiFox,

Unforutnately, Private Addressing is difficult to identify and block. This feature is something that will be coming soon to Decos in the next major firmware update. You can get a preview of the features in this forum post for the Deco 1.9.0 firmware update. On Archer Routers, this is only currently possible because the Access Control features you see are tied with the ARP binding table, rather than working with solely IP and MAC addresses.

 

Currently, the feature is being tested and will begin rolling out with the X55, however we do not have a specific timeframe regarding when your model may receive the update.

Furthermore, the ability to deal with these private addressing settings will improve with coming updates separate from what you see in the above posting. 

 

For now, you will need to try and disable the Private Addressing or Randomized MAC on your devices so that you can see whenever new "devices" are being added to the network. Once the setting is disabled, you can then set an IP reservation for the device since it will tie an IP address to the devices MAC Address

  1  
  1  
#2
Options
Re:XE-75 - is there any way to block all new connections until authorized?
2023-12-14 18:33:22
Those are my family member's devices and I got no control over them, unfortunately. I can also say, that I was using another router a few years ago and it was easily able to do that for me, it was super convenient, but it was able to support only 64 WiFi clients, then it was freezing, that was the main reason why I got rid of it and switch to other solutions.
  0  
  0  
#3
Options
Re:XE-75 - is there any way to block all new connections until authorized?
2023-12-14 18:49:59

  @DimiFox,

There are quite a few benefits to them if they disable it for your home network, not just for your own 'tracking' - so you may suggest it.

 

  • The handshake doesn't have to occur between the devices, along with the security scan - meaning devices can quickly reconnect and will be able to smoothly roam between nodes. Imagine the confusion your network has if your phone changes address while the network is trying to switch between Deco nodes...
  • Your Deco can work to make sure that the devices you use most often will have the best connection.
  • Random MACs may change periodically, causing interrupted sessions
  • You will likely need to login to services more often, as your phone is "changing" networks each time.
  • Tracking and Targeted content may use this information to identify your device. causing less accurate recommendations

 

I think hat this was something that was more common / easier with regular router setups, as mesh systems oftentimes do not have the full whitelist settings - hence why Archers can do exactly what you are looking for. From what I can tell, the coming features will be extremely easy to use and will work exactly the way you would like.

  2  
  2  
#4
Options