Menu
What's new
By:
Filters Better Search

RT-AC66W MAC filter problems on bridged computers

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

Schnitter

New Around Here
Hi guys, I have the RT-AC66W with latest firmware (not BETA) as the main router and two older ASUS routers with DD-WRT as a repeater bridge to connect computers on another building. I am having trouble blocking access to computers that connect through the bridge. I had two previous routers set up as "main" before upgrading to this router, and blocking MAC address on them worked as normal.

I think I know the problem, but I don't know the solution.

When I log in to my router UI and click on CONNECTIONS I see:

Pjipd3c.jpg



Brige1 and Bridge 2 routers are set to 192.168.1.2 and 192.168.1.3 respectively (as the main is 1.1).

By looking at this picture, though, you see that Bridge1 shows to have 192.168.1.191 IP which is one I set manually on a COMPUTER for DMZ purposes.

Now the reason I think this problem is happening is: if you look at the client list on the image, Bridge1 is shown with the #4 signifying four computers connect through it, but there is NO WAY to actually see the MAC of computers connected to Bridge1 where as before, with the other routers, I could.

When I go to the MAC address filter, and click on the drop down arrow, it only shows me the MAC address of the BRIDGE, not of any single computer/phone/etc

US5oKwQ.jpg


The same thing happens when I go to Parental Controls:

Ikj6Es8.jpg


I had to manually set my HTC's phone MAC address since I couldn't selected. And after manually adding it, it won't block my phone or any other computer that goes through Bridge1 or Bridge2. If I connect with my phone DIRECTLY to the RT-AC66W router, though, it does block it.

How can I fix this? Should I try Merlin? or perhaps the ASUS Beta?

Thanks.

EDIT: Please disregard the Motorola. It is just some box connected by LAN directly to the main router to give me a phone line.
 
Last edited:
I think I found the solution. You can't block by MAC address, but you CAN by IP. Unlike my other two routers, this ASUS does not assign IP incrementally, it just assigns an IP at random. Is there any way to make the router give incremental IP addresses? Basically, I want to block all IPs from *.100 to *.190 and give my computer 191 address.
 
Schnitter said:
Is there any way to make the router give incremental IP addresses? Basically, I want to block all IPs from *.100 to *.190 and give my computer 191 address.
Click to expand...

I ended up using DHCP to assign specific IP to MAC address then white listed using Firewall > Network Service Filter. I found this to be a pain because I could not create a rule for a range of IP's only port range and only a protocol. The last ASUS firmware I used was limited to 32 rules (I think). Merlin allows for 128 rules. I ended up created 3 rules per white listed IP-

Source IP
Source Port 1:65535
Destination IP <left it blank>
Destination Port 1:65535
Protocol TCP ALL

The next rule would be the same changing Protocol to UDP. I don't remember why but I created a 3rd rule for Protocol TCP. so I ended up with 3 rules per IP.

Does anyone has an easier way?
 
Ferdowsi said:
I ended up using DHCP to assign specific IP to MAC address then white listed using Firewall > Network Service Filter. I found this to be a pain because I could not create a rule for a range of IP's only port range and only a protocol. The last ASUS firmware I used was limited to 32 rules (I think). Merlin allows for 128 rules. I ended up created 3 rules per white listed IP-

Source IP
Source Port 1:65535
Destination IP <left it blank>
Destination Port 1:65535
Protocol TCP ALL

The next rule would be the same changing Protocol to UDP. I don't remember why but I created a 3rd rule for Protocol TCP. so I ended up with 3 rules per IP.

Does anyone has an easier way?
Click to expand...

The problem is ASUS firmware blocks by MAC not by IP. In your case, that works, but for me, blocking MAC does not because most my computers are connected to a bridge and the router sees all computers have the same MAC as the bridge.

In your case, though, wouldn't it be easier to use the parental control set to ON and then use the chart to block computer access by hour? It is a little hard to find, but there is a drop down menu on the top right in the parental control's page.
 
Whitelisting is blocking IP addresses. Only 10 IP addresses in this subnet are accessing the Web or subnets before the public Internet.
 
You must log in or register to reply here.

Similar threads

U
RT-AC66W block IPs outbound
Replies
3
Views
607
drinkingbird
drinkingbird
R
Wireless MAC (Band filter filtering out Guest network)
Replies
2
Views
127
recharging
R
Y
RT-AC88U wifi error
Replies
6
Views
634
Ripshod
Ripshod
elrengo
[RT-AC3100] - Internet Connection is degraded
Replies
6
Views
320
sfx2000
sfx2000
R
Guest network MAC address white listing limit
Replies
5
Views
290
Ryo
R
Similar threads
Thread starter Title Forum Replies Date
U RT-AC66W block IPs outbound ASUS AC Routers & Adapters (Wi-Fi 5) 3
M ASUS RT-AC68U Mystery MAC address ASUS AC Routers & Adapters (Wi-Fi 5) 10

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 739 (members: 35, guests: 704)
Top