Reply

access list and mac filtering

katebessy
Follower

access list and mac filtering

i have a number of devices showing as currently connected to my router although they are not on my approved access listand I have access control turned on...  and I dont know what they are... just two random devices / MAC addresses. Interestingly the MAC addresses are almost identical except for the last two digits which are two numbers apart.

Model: DGND3700Bv2|N600 WIRELESS DUAL BAND GIGABIT ADSL2+ MODEM ROUTER
Message 1 of 3
antinode
Guru

Re: access list and mac filtering

> [...] i have a number [...]

   "two"?

> [...] of devices showing as currently connected {...]

   "showing" where?  An "Attached Devices" report, or what?

> [...] to my router

> Model: DGND3700Bv2|N600 WIRELESS DUAL BAND GIGABIT ADSL2+ MODEM ROUTER

   Is that accurate?  Firmware version?

> [...] I dont know what they are [...]

   Based on practically no useful information, what do you expect anyone
here to tell you about these "two [secret?] random devices / MAC
addresses", which only one of us has seen?  Are they reported as wired
or wireless?

Message 2 of 3
CXO
Aspirant
Aspirant

Re: access list and mac filtering

Do you have a Windows 10 device with "Random hardware addresses" set to on - this will force the device to generate a new random MAC address every time it boots up or every time the device wakes up from sleep mode (essentially every time the network connection is reset). The device will appear as temporary blocked by access control on the netgear router since the new mac address is not on the allow list and netgear access control relies purely on the mac address to allow or block devices from accessing the internal or external network.

 

Netgear hasn't seemed to understood that this can be issue - the Windows 10 feature is a good feature and prevents network packet sniffing by man-in-the-middle thereby protecting you from attacks. Hackers often track devices by their mac address and target vulnerabilities in the device. If the mac address keeps changing, its like trying to hunt a moving target rather than a sleeping one.

 

I don't think Netgear has any solution for this. Ideally if you have Netgear's Genie installed on the device, it could potentially have the intelligence to go tell the router - hey I used to be an allowed device and my mac address has changed in order to keep this device secure - so here's hte old one and here's the new one - why don't you replace it in your access control list - ah! but it takes GENUINE INTELLIGENCE and a little bit of CUSTOMER FOCUS to think that up.

 

Netgear just wants its fat a$$ Genie to sit on the laptop and show pretty buttons you can press instead of building in some serious features into the lame system. Sigh!

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 573 views
  • 0 kudos
  • 3 in conversation
Announcements