Block wifi by IP range?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

beethart

New Around Here
Hello. Setting up a new RT-AX86U this weekend. With my old Netgear router I could block access to a range of IP address on a daily schedule. I used this to kick kids off WiFi at night, while keeping parent and appliances on (used static IPs for parent/appliances, then blocked DHCP range). This worked great because I didn't have to mess with each kid device, new devices, friends staying over, etc... It just shut down all DHCP clients.

I can't find anyway to do this broadly with the ASUS router. Any suggestions?

Thanks.
 

ColinTaylor

Part of the Furniture
AiProtection > Parental Controls > Time Scheduling
 

beethart

New Around Here
Thanks Colin. I did find this function, but it's by client. So I have to add each new device, and update when devices change, or when apple products change their "private" wifi/MAC address. I want to just turn off any device I haven't set a static IP address for.
 

ColinTaylor

Part of the Furniture
Have a look at Firewall > Network Services Filter. That might do what you want.
 

beethart

New Around Here
Yeah, I think I can make that work. I'd have to shut off, for example, the 2.4 GHz network, and leave parent devices on the 5 GHz.
 

PorthosJon

Occasional Visitor
ColinTaylor is correct. You set the filter at the top and then you can specify the IPs that you want to shut down by setting it to Blacklist and entering the IPs in the table below in a CIDR notation.. just make the destination 0.0.0.0/0
 

beethart

New Around Here
Finally getting back to this. Thought this might work, but the Network Services Filter Table does not accept the CIDR notation. So no way to specify a range.
 

ColinTaylor

Part of the Furniture
Finally getting back to this. Thought this might work, but the Network Services Filter Table does not accept the CIDR notation. So no way to specify a range.
John's firmware (and therfore I assume Merlin's as well) support CIDR notation. It looks the stock firmware doesn't. But as the tooltip says, you can specify wildcard addresses like 111.222.*.* or *.*.*.*.
 

beethart

New Around Here
Okay, I opened up the subnet mask, set my DHCP pool to 192.168.x.* and the static to 192.168.y.*. Then I set up a network services filter to turn off the 192.168.x.* devices. I'm a bit stumped on the Time of Day though. I don't see how to set up an outage period across midnight. It doesn't look like there can be varying times for the Network Services Filter
 

ColinTaylor

Part of the Furniture
You could set a start time of say 23:00 and an end time of 06:59.
 

beethart

New Around Here
Okay, I set this up and it seems like the Network Services Filter does nothing. It never blocks service. I have it set up per the screen shot. Any idea what I got wrong?+
1603841636504.png
 

ColinTaylor

Part of the Furniture
Strange. Looks like it should work.

Sometimes the router can get confused by daylight savings time. Just in case try setting the black list period to something that definitely covers your current time. So if your local time is currently 21:15 set the time period to 18:00 to 23:59. If that works try 18:00 to 06:00.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top