NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Access Control Security on devices using MAC Address filtering for specific activities
I use a Nighthawk X6 AC3200 Smart WIFI Router.
I run a network were users need to be restricted / filtered on a range of activities when accessing the router.
This Nighthawk router which runs DHCP has Internet WAN, LAN Storage Drive, Printers etc services connected to it.
Some users need to be allowed to access only LAN Storage and not the Internet service. Some users are allowed to access every service.
Since the Nighthawk runs DHCP, the only stable filter for restriction is MAC Address.
Is it is possible for Nighthawk X6 to perform filter users using MAC Address?
Responses please. Thank you.
Thank you again Newsat11
I found a way around creating desired restrictions/filtering with the Nighthawk X6 using the Advanced LAN Setup to tie a certain IP Address to the Workstations' MAC address (which seems similar to Static IP).
With this I do not need to go the individual workstations to effect this, all I need do is identify the connected Users through Advanced > SetUp > LAN Setup > Add.
The Address Reservation page shows the available Connected Users to choose and modify their IP Address as desired while the corresponding MAC Address remains primary to the IP Address.
Apply and Return back to Advanced > SetUp > LAN Setup > Add, to find the Added Workstation, then Apply.
Nighthawk X6 will Update and Reboot itself and Force the workstation to take the assigned IP Address linked to it's corresponding MAC Address.
Then, return back to Advanced > Security > Block Services, and select the desired available Service Type (or create a new Service Type with Port if you choose). Add the IP Address of the particular Workstation and Apply.
Nighthawk X6 will detected the Workstation with it MAC Address and effect the filtering Service Type.
Thank you for offering some help.
PS: In my last response, I didn't reference you properly, pardon me.
3 Replies
If your running a serious network, which it sounds like you are, you should not be using DHCP for your devices. The computers' operating systems is where you should be configuring which services are available. A router alone cannot do what you are asking. To do some of this through a router you would need to use subnets to divide users into separate subnetworks, then determine what resources are available to those subnets.
Thank you for your response Luminary.
Yes, we are running a serious network. The challenge is that DHCP gives admin the leverage of allowing existing and new workstations take available IP's within the available IP range without being physcially present on site.
At present we operate only a Netgear Nighthawk X6 to manage our users access but without sufficient desired restrictions. However, from your suggestion on subnets and subnetworks or maybe an ePolicy orchestrator (my thoughts); I not clear on how this would work with a Nighthawk X6, maybe you can advice again.
Thank you again for proferring a solution.
Thank you again Newsat11
I found a way around creating desired restrictions/filtering with the Nighthawk X6 using the Advanced LAN Setup to tie a certain IP Address to the Workstations' MAC address (which seems similar to Static IP).
With this I do not need to go the individual workstations to effect this, all I need do is identify the connected Users through Advanced > SetUp > LAN Setup > Add.
The Address Reservation page shows the available Connected Users to choose and modify their IP Address as desired while the corresponding MAC Address remains primary to the IP Address.
Apply and Return back to Advanced > SetUp > LAN Setup > Add, to find the Added Workstation, then Apply.
Nighthawk X6 will Update and Reboot itself and Force the workstation to take the assigned IP Address linked to it's corresponding MAC Address.
Then, return back to Advanced > Security > Block Services, and select the desired available Service Type (or create a new Service Type with Port if you choose). Add the IP Address of the particular Workstation and Apply.
Nighthawk X6 will detected the Workstation with it MAC Address and effect the filtering Service Type.
Thank you for offering some help.
PS: In my last response, I didn't reference you properly, pardon me.
