D-Link DIR-655 :: Access Control When IP Or MAC Can Be Changed
Dec 31, 2011
DIR655 with 1.33NA firmware. I'm trying to determine how to block access to the internet for a specific LAN computer when the user knows how to change a MAC address. I don't want to turn MAC control on and grant only to listed computers - the list doesn't accommodate enough MAC addresses, and the client has wireless and wired since it's a laptop. I also don't want to set static IPs on all of the devices since some cannot accommodate that feature.I'm thinking that reserving an IP address isn't ultimately the solution either, since assigning the IP isn't going to work if the MAC changes. how to use access control under these circumstances?
With basic "Wizard" setup I got DHCP and port 80 for the camera. It was working just fine with MyDLink and locally with DLink-ViewCam software and some local test web pages. However, we have a wireless printer on that router which also uses port 80, so when it was installed we set up a "port forward" for port 80 traffic to it for administration from other subnets. How MyDLink website is able to tunnel through our hardware firewall and the wireless routers firewall to communicate with the camera is not clear to me (perhaps someone can send me a link to an explanation??), but it works...Thus, to allow access to the camera from other subents, I wanted to change the camera's port from 80 to another, say 8181 and set up the appropriate "port forwarding for TCP and UDP. All of the steps below were from a PC within the camera's subnet/router so port forwarding is not an issue
I have tried to setup access control by setting up a policy that restricts certain MAC addresses during a period during the day from certain websites. I set up the website filter and a schedule and selected them for the policy. Instead of blocking just the websites on the filter list during the time setup in the schedule, it blocks all websites all the time.I made sure that I setup the policy to 'block some access' NOT 'block all access'.The only thing that seems to work is that only the computers with the MAC address selected are effected.
I may be doing it incorrectly, but I'm trying to configure web access rules. I first set up access control and tell it to use the website filter. I've tried configuring it by both MAC address and IP address (separately, not simultaneously), but it still allows the listed sites in the web filter to get through. Is there something else I need to block or am I not doing something correctly? The network is on DHCP reservation, so IP addresses are always the same. MAC addresses, as I mentioned, don't work, either and they are fixed and logged in the router.
When attempting to configure access controls from the advanced menu I enable the access control checkbox. I then follow the configuration wizard completing each step as directed by the wizard. When I complete the wizard and try to save the rule I get the following error message regardless of how I complete the wizard. "Name can not be empty string". Yes, cannot is misspelled in the message. I have tried every combination of choices in the wizard and many combinations of naming the rule to no avail.
This did work properly on a previous firmware version, probably 1.04 or 1.05. I have not tried back loading to the previous versions to see where it did or did not work. I don't know how well the router goes back and don't really care to reload all the settings again by hand if the automatic recovery doesn't work.I want to use this feature to control what hours certain machines on the network have access to the internet.
I'm trying to block internet access to a range of IP addresses using the Access Control function of the DIR-655 router. Unfortunately, the router does not allow me to block a range of IPs. Instead, I can only create policies based upon individual IPs or MAC addresses. I have over 60 machines I want to block Internet access and I'd hate to have to type them in individually. How do I go about blocking all Internet access (HTTP/FTP/email/everything) for a range of IP addresses? They will have to be able to continue to use the internal LAN.
I would like to use the web access control that is on the DIR-615 along with my 2Wire modem/wireless router. Is this possible? If not is is possible to put the 2Wire modem into bridge mode and purchase a second wireless modem to run along side the DIR-615 that I have so that I can have two separate wireless networks that have two different web access controls in place?
I want to do what I thought would have been a simple enough task - block my kids phone/computer after certain hours. Instead of blocking the specified MAC address(es), all my computers does not have internet access. As soon as I disable the policy, internet access is on again. Here's what I did:
My firmware is 1.35NA and have a schedule established. When I try to add a policy for access control, I can select a policy name but when I hit "next", I get an error stating "Internet Explorer has stopped working" and wants to close. I was able to add policies previously but can not any more.
Trying to set up a simple schedule for keeping the kids from staying up all night. I'd had this working on a Linksys WRT54G till it bit the dust. I just want it to block internet after midnight. My problem is that the schedule is triggering the block unpredictably.?
I have a situation where I have tenants connecting to my wireless network and paying towards the internet bill. I am able to control this by using MAC filtering, but I have just realised that this only works for wireless clients.
Is there a way to replicate this for the router's Lan ports? Or possibly even just disable Lan access. The router model is a D-link DSL-2750U.
Region : Austria Model : TL-MR3420 Hardware Version : V2 Firmware Version : ISP :
I'd like to make exception keywords in the Access Control but I don't know how I could possibly do this. E.g. I have put in the keyword "apple" to be blocked, so if a domain has the keyword "apple" in it, it will be automatically blocked. What can I do, however, if I want to make an exception for the domain "appletree.com"? I haven't found any way to make an exception to specific domains or keywords.
I have several laptops at home that connect via wireless connection tot he DIR_655. Using the MAC address of those laptops, I want to prevent them from going to certain websites.Under 'Advanced" and "Website Filter", I addes several domain names (websudoku.com for example). I selected "DENY computersaccess to ONLY these sites". I then saved settings.I then went to "Access Control". I clicked on "Enable Access Control".I clicked on "Add Policy" to cdreate a new policy for one of the laptops.When I boot the laptop and go to one of the websites, it still allows me access. The URL/domain name is correct.
Region : UnitedStates Model : TL-WDR4300 Hardware Version : V1 Firmware Version : 3.13.23 Build 121225 Rel.37950n ISP :
Setting up access control for one PC. I just want to block all internet access to one PC during a certain time. It seems like my only options in the Access Control page in the GUI is to block websites or domains.
For some reason I can't get Access Control/Webaccess Filters working on my Dir-655 w/ 1.35NA. I've tried it with MAC and IP Address without any success. I've also enabled/disabled/enabled DNS Relay, recreated the rules, recreated the filters, etc. Nothing.
I'm trying to set up a website filter on my DIR-601. I created a policy for 2 MAC addresses, with a schedule from 10AM-6PM, selected "Block some websites", and disabled logging. Under website filter, I added some entries, and selected "DENY computers access to ONLY these sites". When the policy is enabled, and I try to access one of the blocked websites, it gets blocked correctly ("The URL access was denied by administrator.") However, for all other websites, I get "server unexpectedly dropped the connection" errors, eg "Safari can�t open the page [URL] because the server unexpectedly dropped the connection. This sometimes occurs when the server is busy. Wait for a few minutes, and then try again." or in Chrome "No data received. Unable to load the webpage because the server sent no data." This happens with ALL non-blocked websites. I'm using hardware version A1, firmware version 1.01NA.
i have 7 AP's in a school...i have numbered them 1 to 7 and have a strong password on im being called out every few months to reset the AP as its not working when i get there i see the ssid has changed to hp-josh1a seems like a computer name (its different most times) how are they changing the ssid of the tp link?
I had something odd happen to my Dlink router DIR-651 model. During the early evening hours someone changed the SSID name of my Router. Nothing else changed that I could see right off. So I reset the router to Factory Defaults.
Laptop, Desktop with USB stick, and 2 notebooks all were working fine on wireless prior to switching from phone line, to high speed cable connection at router. Have tried reset, unplug power, reinstalled router and everything else I could think of but none of them will connect. Shows a good strong signal from router but will not connect. Re-entered numbers, password etc as well in all other computers. What else to try other than a new router? Could it be coincidence that router decided to quit, around same time as changeover? Cable connections good and main computer connected via cable works ok, just all wireless not working.
Can't log in to d-link either. wrong password,? Type in admin, but won't log on without password and I tried but won't accept . Hitting reset and then retry didn't work either?
I have DIR600 Rev. B1 for about 2 years, and it's been working without a problem.Suddenly yesterday, I could not connect to the internet from my 2 laptop & blackberry.SSID & signal reception looks normal. On checking into the router's web interface, I noticed that the network key was changed into something else.....normal character like y2tz39s.
I'm being very curious. Has it been hacked ? Is it possible?I'm using WAP/WAP2 Security Setting for wireless connection.All other settings seems intact (firewall & even the SSID). Only the password was mysteriously changed. If I consider it being hacked, I wonder why the hacker didn't mess up all other settings ?
I work for a small company where we have a simple network that runs from one router and I believe has a switch. We all have access to the network wirelessly or with cable.The internet was running ok up until yesterday when I came in to do some online banking and thought the site was down. However, turned out it was just me that was having trouble. I coudn't access secure sites like online banking or facebook for example. Now I was using the cable at the time and this wasn't working. When I tried wirelessly it would work... this confused me but not as much as when I found out that others in the office could use the cable and even more, there are 2 others who cannot connect to secure sites with cable or wireless.I was wondering what could have changed over night as this is what seemed to happen. Is it our ISP? (prob not as others are ok) so I'm thinking there must be some kind of setup issue in our configuration. I believe we are all using dynamic IP addresses but I'm not sure if thats even relevant
Changed from D-Link to Netgear router now only one of two computers cannot see the other. Error shows cannot connect to MSHOME network, need administrative approval. Computers are ethernet connected to the router. Have McAffe and both computers are "Trusted" Can do a search with XP and it shows the missing computer but unable to make a connection.
Received a replacement DCS-930L today; using WPS, did setup wirelessly; all OK. Then did firmware update wirelessly (with second, DCS-932L, turned OFF). The v1.03 firmware file was the same one I previously used, I think. Amazingly, The camera menus are now in French, and I can't find a setting to change it to English.
i'm running a 5510 asa and the vpn has been working great for a while. We recently change our network provider so i had to change the public ip, and dns on the firewall... now i can still connect via the vpn and browse accross my mpls to other sites, but cant really access anything on the native lan that the firewall resides on?
We have a small office and already have a firewall in place that uses content filtering. I am looking for a low cost wireless access point that I can place behind my firewall that will allow me to control access by a username and password list, not just the passkey.
Does this exist without having to go to an Aruba or Ruckus type enterprise WIFI product?
I have a Linksys E3000, have had it successfully connected for three months now. Recently I attempted to connect my xbox 360 to the wifi and had issues connecting it. So I called ATT to obtain the PPPoE username and password, which they reluctantly gave me. Entered that into the xbox and still unable to connect, so I have given up on the xbox for the time being, I'll post that issue in a different forum. Where my issue is now is since contacting ATT the WPA2 password I set up for the router no longer works. I cannot access the router setup page, and I cannot add any new wifi devices. Although, all of the previously connected wifi devices are still connected to the router despite this issue. Is there anyway to make the old password work, or do I have to reset the router and start from scratch, and God forbid contact ATT again?
I've just been testing QOS on 3560 with version 15.0(1) and it seems the the default qos trust behavior on access ports has changed. By default the trust state of a port is not to trust anything, however rather than rewriting the DSCP value of the incoming packets and settign it to 0 the switch now seems to leave the DSCP value unchanged.
SW04-C3560(config)# do sh mls qos int g0/2 GigabitEthernet0/2 trust state: not trusted trust mode: not trusted trust enabled flag: ena [Code]......
I'm trying to set parental control for one of the kids in household, url...2gaming2Every Day 06:00 - 22:43 (meaning from 6am to 10:43pm he can acces ONLY those two sites, correct?)but, when I turn parental control on, all internet is off for him even allowed sites. Time right now is 21:44 gmt+2 and my router time is set right, so I don't know why it doest work?