- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Is there any way to block specific device from WAN?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any way to block specific device from WAN?
I have a gateway serving z-wave connected LEDs around the house. The product became abandonware so the cloud service was discontinued but I found out how to operate it on my LAN and used a Raspberry Pi to link it up to Alexa. So that's all cool now.
BUT I'm paranoid that it still tries connecting to the cloud, and that one day a firmware update could be pushed that bricks it. On my previous router, I had some rules linked to its MAC address that prevented it reaching the WAN but I can't see any way of doing this with Orbi. Any suggestions?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
@AdrianM wrote:
On my previous router, I had some rules linked to its MAC address that prevented it reaching the WAN but I can't see any way of doing this with Orbi. Any suggestions?
I believe what you want is on the Advanced tab of the web interface, under Security, Block Services. It was not obvious to me, but the way it works is you Add a block, select "Any" for the services and enter the IP address of the Z-wave controller. (or, maybe you have to have one block for TCP and another block for UDP?) (Disclaimer: I haven't set one up myself.)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
From the user guide:
Block Services From the Internet
You can block Internet services on your network based on the type of service. You can block the services all the time or based on a schedule.
Ok, do "internet services" refer to WAN only (not my LAN) because I need local http access on port 80 to send commands to the gateway's REST api.
To block services:
1. Launch a web browser from a computer or mobile device that is connected to your
Orbi network.
2. Enter orbilogin.com.
A login window opens.
3. Enter the admin user name and password.
The user name is admin. The password is the one that you specified the first time
that you logged in. The user name and password are case-sensitive.
The BASIC Home page displays.
4. Select ADVANCED > Security > Block Services.
The Block Services page displays.
5. Specify when to block the services:
• To block the services all the time, select the Always radio button.
• To block the services based on a schedule, select the Per Schedule radio button.
For information about how to specify the schedule, see Schedule When to Block Internet Sites and Services on page 50.
6. Click the Add button.
The Block Services Setup page displays.
7. To add a service that is in the Service Type list, select the application or service.
The settings for this service automatically display in the fields.
8. To add a service or application that is not the list, select User Defined.
a. If you know that the application uses either TCP or UDP, select the appropriate
protocol.
Otherwise, select TCP/UDP (both).
b. Enter the starting port and ending port numbers.
• If the service uses a single port number, enter that number in both fields.
• To find out which port numbers the service or application uses, you can contact
the publisher of the application, ask user groups or newsgroups, or search
on the Internet.
I don't know which ports might be in use and I can't get such info because nobody cares about these abandoned devices. Would start 0, end 65536 be acceptable?
9. To specify how to filter the services, select one of the following radio buttons:
• Only This IP Address. Block services for a single computer.
Not by MAC then. I guess it means reserving an IP for the gateway and entering that? I will try it at the weekend. Thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
@AdrianM wrote:
Not by MAC then. I guess it means reserving an IP for the gateway and entering that? I will try it at the weekend. Thanks.
Yes. You figured it out!
Pick a range of consecutive IP addresses for reservation in case you want to block more than one devices.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
Good.
Oh, BTW, what's with the rich text editing on these forums - I coloured all the text I pasted from the User Guide in blue and inserted my comments in black and it looked fine in the preview but only the first blue line appeared when posted (and when editing using the rich text view) HTML looks OK I think but gives me a headache tracing the tags so it may be borked!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
BWT, only need to worry about TCP/UDP ports if you want to block a specific application like email/torrent/etc. In your case, you want to block all, so select the big hammer from the drop down menu.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Is there any way to block specific device from WAN?
One more suggestion.
- First, create a schedule rule, by default it's every day, 7 days a week.
- After you add one or range of IP to block, select bock by schedule and select the schedule you've just created.
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more