I'm quite confident I am not the first to want to implement such rules. I am really surprised if there would be no solution to this relatively simple request. As a result, there would be no time-based restrictions in place (b/c I do not know the random/spoofed MAC address) Since I don't have this new MAC address (it could be anything if spoofed), Asus/Merlin router would assigns a dynamic IP address, which I cannot know beforehand (b/c it is dynamic and not static). Here is my scenario: child's iPhone connects with a random MAC (which is standard functionality on iPhone / Android / Windows nowadays) or they install an app that spoofs the device MAC. Still, I'm not sure how any of these things (that I implemented already) could help. The other things (like time-based restrictions based on MAC address and static IP address) I mentioned (and implemented) as well. Let me know if I am missing anything here and it could be implemented in some other way that I am not aware of. I googled disabling MAC address change per network and the answer is related to MAC filtering - which is what I was referring to when I mentioned whitelisting MAC addresses (it is a type of MAC filtering, the other type is blacklisting). Is there a way to accomplish something similar with Merlin? The beauty is that whatever device is not recognized by the static assignment would be banned from the internet However, when a device randomizes it's MAC address, than it would get assigned a dynamic IP (in 201-254 range) and denied internet. So, if a device uses its own MAC (or a MAC that is recognized based on the static assignment list), it would get assigned a static IP (in 1-200 range) and would follow whatever restrictions are in place (for its IP address which corresponds to a MAC address). With Gargoyle, I can specify all IPs in 201-254 range are now allowed to access internet. Also time-based restrictions in Asus/Merlin are based on MAC address, not IP - which creates an even bigger headache for me b/c is a device is going to spoof its MAC address, how can I know it beforehand so I can block it?įor comparison purposes, I had a Gargoyle router and over there is was quite easy to implement my requirement: static IP assignment for all devices (in 1 to 200 range), DHCP would only dynamically assign (in 201 to 254 range). Maybe I am missing something and that is why I am asking for help. only works with wireless connections, have to whitelist on both 2.4 and 5 GH even though is was listed as a static IP assignment, the ugly limit of 64 entries, what happens with wired connections?). One potential avenue in Asus/Merlin world, would be to whitelist MAC addresses, but I found it cumbersome at best (i.e. The challenge I am facing is that these days, many devices (such as phones and iPads) can randomize their MAC address, thus getting assigned another IP address and bypassing any time-based restrictions I have in place. So far so good, other than the low limit of 64 such static IP assignments - I am assuming this limit is on ASUS, not Merlin I noticed that with Asus/Merlin, I can tie a device's MAC address to a static IP address and noticed that I can implement time-based restrictions based on MAC address. With the old router (Gargoyle), I would block kids' devices based on time restrictions. I am new to ASUS devices and Merlin firmware (just upgraded to Merlin yesterday) and I am trying to transition the router functionality from another router to Asus/Merlin device (RT-AC86U).
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |