

AdrianM
Tutor
May 09, 2019

Is there any way to block specific device from WAN?

I have a gateway serving Z-Wave connected LEDs around the house. The product became abandonware so the cloud service was discontinued, but I found out how to operate it on my LAN and used a Raspberry Pi to link it up to Alexa. So that's all cool now.

BUT I'm paranoid that it still tries connecting to the cloud, and that one day a firmware update could be pushed that bricks it. On my previous router, I had some rules linked to its MAC address that prevented it reaching the WAN but I can't see any way of doing this with Orbi. Any suggestions?

7 Replies

  • There is a similar post here.  Hopefully, that will work for your use case as well.

     


  • AdrianM wrote:

    On my previous router, I had some rules linked to its MAC address that prevented it reaching the WAN but I can't see any way of doing this with Orbi. Any suggestions?


    I believe what you want is on the Advanced tab of the web interface, under Security, Block Services. It was not obvious to me, but the way it works is you Add a block, select "Any" for the services and enter the IP address of the Z-Wave controller. (Or maybe you have to have one block for TCP and another block for UDP?) (Disclaimer: I haven't set one up myself.)

    • AdrianM
      Tutor

      From the user guide:

      Block Services From the Internet

      You can block Internet services on your network based on the type of service. You can block the services all the time or based on a schedule.

       

      Ok, do "internet services" refer to WAN only (not my LAN)? Because I need local HTTP access on port 80 to send commands to the gateway's REST API.


      To block services:
      1. Launch a web browser from a computer or mobile device that is connected to your Orbi network.
      2. Enter orbilogin.com.
      A login window opens.
      3. Enter the admin user name and password.
      The user name is admin. The password is the one that you specified the first time that you logged in. The user name and password are case-sensitive.
      The BASIC Home page displays.
      4. Select ADVANCED > Security > Block Services.
      The Block Services page displays.
      5. Specify when to block the services:
      • To block the services all the time, select the Always radio button.
      • To block the services based on a schedule, select the Per Schedule radio button.
      For information about how to specify the schedule, see Schedule When to Block Internet Sites and Services on page 50.

      6. Click the Add button.
      The Block Services Setup page displays.
      7. To add a service that is in the Service Type list, select the application or service.
      The settings for this service automatically display in the fields.
      8. To add a service or application that is not in the list, select User Defined.
      a. If you know that the application uses either TCP or UDP, select the appropriate protocol.
      Otherwise, select TCP/UDP (both).
      b. Enter the starting port and ending port numbers.
      • If the service uses a single port number, enter that number in both fields.
      • To find out which port numbers the service or application uses, you can contact the publisher of the application, ask user groups or newsgroups, or search on the Internet.

       

      I don't know which ports might be in use and I can't get such info because nobody cares about these abandoned devices. Would start 0, end 65536 be acceptable?


      9. To specify how to filter the services, select one of the following radio buttons:
      • Only This IP Address. Block services for a single computer.

       

      Not by MAC then. I guess it means reserving an IP for the gateway and entering that? I will try it at the weekend. Thanks.

      • SW_
        Prodigy

        AdrianM wrote:

        Not by MAC then. I guess it means reserving an IP for the gateway and entering that? I will try it at the weekend. Thanks.

        Yes. You figured it out! :)

         

        Pick a range of consecutive IP addresses for reservation in case you want to block more than one device.