Orbi WiFi 7 RBE973
Reply

Re: Block a device from internet?

mc510
Guide

Block a device from internet?

I want my surveillance camera to access my network, but not have any access to the internet, inbound or outbound. The only thing I see that looks remotely related is the "Block Services" screen, but I don't know what services or ports my device uses, I just know its MAC address and its IP address on my LAN. Is "Block Services" the correct place to block a device from the internet? How is it done when you only know the IP and MAC address of the device?

Model: R7000|AC1900 Smart WIFI Router
Message 1 of 8

Accepted Solutions
microchip8
Master

Re: Block a device from internet?

if you don't know which ports your cams use, then block all ports by using 1-65535 as port range

 

i have it done for a few devices and it works here. they cannot get internet access, only LAN access

View solution in original post

Message 8 of 8

All Replies
myersw
Master

Re: Block a device from internet?

Are you sure about what you are asking. Most security cameras I am familar with want an Internet connection to update videos to "home". 

Message 2 of 8
mc510
Guide

Re: Block a device from internet?


@myersw wrote:

Are you sure about what you are asking. Most security cameras I am familar with want an Internet connection to update videos to "home". 


Yes, I'm sure. My camera will save video on my NAS hard drive, and that's all that I want it to do. Connecting to its "home" is exactly what I want to block.

Message 3 of 8
yddtime
Luminary

Re: Block a device from internet?

Find out where "home" is and block the site for your cameras.

Message 4 of 8
antinode
Guru

Re: Block a device from internet?

> [...] I don't know what services or ports my device uses, [...]

 

   With a description as detailed as "my surveillance camera", I have no
idea, either.  But, if what you want is for it "not have any access to
the internet, inbound or outbound", then blocking all ports (1-65535)
would seem to be plausible.

 

   ADVANCED > Security > Block Services blocks outbound connections.  By
default, inbound connections are blocked by the normal NAT functionlity.
(You'd need to enable something like port forwarding to allow incoming
connections.)

 

   My D7000[v1] (V1.0.1.70_1.0.1) has a predefined Service Type,
"Any(ALL)" for that purpose.

Message 5 of 8
mc510
Guide

Re: Block a device from internet?


@antinode wrote:

   ADVANCED > Security > Block Services blocks outbound connections.  By
default, inbound connections are blocked by the normal NAT functionlity.
(You'd need to enable something like port forwarding to allow incoming
connections.)


Thanks! Though if I have UPnP enabled, the device could presumably open an inbound port on its own, right? 

Message 6 of 8
antinode
Guru

Re: Block a device from internet?

> [...] Though if I have UPnP enabled, the device could presumably open
> an inbound port on its own, right?

 

   I believe so.  Which is why I don't enable UPnP.  (That, and I have
no actual need for it.  Plain-old explicit port forwarding does what I
need done.  I did say "something _like_ port forwarding".)

 

 

   Once, a while ago, I used Wireshark to watch a "smart socket" (Orvibo
S20) "phone home".  The gizmo used a specific DNS server (located by IP
address) to find its piece of the cloud.  Tough to hijack.  I didn't try
to block it, but I'd expect Block Services (1-65535) to do it.

Message 7 of 8
microchip8
Master

Re: Block a device from internet?

if you don't know which ports your cams use, then block all ports by using 1-65535 as port range

 

i have it done for a few devices and it works here. they cannot get internet access, only LAN access

Message 8 of 8
Top Contributors
Discussion stats
  • 7 replies
  • 1840 views
  • 0 kudos
  • 5 in conversation
Announcements

Orbi WiFi 7