NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
It would be great to drill down on the daily Content Filtering Report, to see which connected clients tried to visit blocked sites.
It would also be nice to offer parental controls for the device or connected client browsing history.
The system is amazaing however it needs some additional features to be a reasonable solution for a work from home user with children.
3 Comments
Looks like my iPhone is getting around the Content Filtering by using a private network setting on the iPhone. No good! How do we fix this?
We need a MAC address white list in the Content Filtering setting.
Use private Wi-Fi addresses on iPhone, iPad, iPod touch, and Apple Watch
To improve privacy, your device uses a different MAC address with each Wi-Fi network.
To communicate with a Wi-Fi network, a device must identify itself to the network using a unique network address called a Media Access Control (MAC) address. If the device always uses the same Wi-Fi MAC address across all networks, network operators and other network observers can more easily relate that address to the device's network activity and location over time. This allows a kind of user tracking or profiling, and it applies to all devices on all Wi-Fi networks.
Starting with iOS 14, iPadOS 14, and watchOS 7, your device improves privacy by using a different MAC address for each Wi-Fi network. This unique MAC address is your device's private Wi-Fi address, which it uses for that network only.
In some cases, your device will change its private Wi-Fi address:
- If you erase all content and settings or reset network settings on the device, your device uses a different private address the next time it connects to that network.
- Starting with iOS 15, iPadOS 15, and watchOS 8, if your device hasn’t joined the network in 6 weeks, it uses a different private address the next time it connects to that network. And if you make your device forget the network, it will also forget the private address it used with that network, unless it has been less than 2 weeks since the last time it was made to forget that network.
Join Wi-Fi networks with a private address
Connect to Wi-Fi networks like you normally do. A private address doesn't affect how you join or use most Wi-Fi networks, but if a network doesn’t allow your device to join, or doesn’t allow it further network or internet access after joining, you can turn off Private Address for that network.
Various possible solutions, probably a combination:
- Add a feature prohibiting random (this is what it is) MAC addresses allow a WiFi association.
- Show up a capture-all page explaining why random MAC are not allowed, and how this can be disabled on iOS, Android, Windows, and MacOS at least. This does not add a big concern as most operators know their network users anyway.
- Create a capture-all content filter with the most strict rules set. Allow less strict (or optionally no) CF rules for known and trusted MAC only.
Needless to say, a CF only checking and applying CF filter for known/defined MAC and let all other MAC addesses pass is *****.
Digging a little bit more tells me that CF does apply to all devices, regardless of the MAC address.
