1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

strange issues with guest network and Surface Dock and question re: network services filters

Discussion in 'ASUS AC Routers & Adapters' started by pacoinconn, May 23, 2020 at 11:21 AM.

  1. pacoinconn

    pacoinconn Occasional Visitor

    Joined:
    Dec 30, 2016
    Messages:
    13
    I have a strange issue with my setup and would like help to resolve it and make sure I've set up network services filters correctly. Apologies in advance for the long description of my setup.

    I'm using an RT-AC1900P router running the lastest firmware (3.0.0.4.385_20490). It is my main router so manages all IP assignments (manually for all devices except guests' devices). The router creates two networks (2.4 and 5) plus a guest wireless network (2.4). The router also connects to a network switch, one of whose ports is connected an Apple Extreme in our study. The Extreme serves as a smart switch only for connections to the printer, Sonos unit, and provides a few extra ethernet ports when necessary.

    For the past 9 months, I have been connecting my work Surface Dock to the guest network (w/out access to my intranet) and all was fine, including for Zoom calls. Because of poor Zoom performance over the past 6-8 weeks, I bit the bullet and connected the Dock using the ethernet connection from the Extreme. I also instituted network service filters to prevent the Dock (and the Surface's wireless connection) from accessing any other devices on the intranet.

    Now for the two questions.

    1. Drop out issue

    I have been having intermittent Internet dropouts on the Surface Dock. My personal computer, connected by Ethernet to the Extreme, has no problems with Internet connection when I lose internet connectivity on the Surface. Switching to the guest network on the Suface doesn't restore internet connection. The only resolution is to restart the Surface (or as I learned Friday, to unplug and replug the Ethernet cable on the Suface Dock).

    The "wrinkle" that I suspect may be causing this issue (but am not sure) is that the name of the Ethernet network adapter on the Suface is "____ Guest", which is the name of our guest wi-fi network. I have been deleted the adapter and restarted the Surface and yet the name remains and the dropouts persist.

    I've searched the router's menus however have not found any options that could cause the dropouts. I've confirmed that Time Scheduling is turned offf.

    What could be causing the dropouts and how can I resolve them? Any help in resolving the dropouts would be helpful.

    2. Correctly setting up network services filters

    What is the simplest way to prevent the Surface from being able to access the intranet? Currently I've set up a series of network services filters so that each "source ip" from the Surface is assigned to a destination ip for my NAS drive and then created unique entries for UDP and TCP All. I haven't created entries for TCP, TCP SYN, etc. The black list days/times are set to all days from 00:00: - 23:59.

    Is that correct? Or is there a simpler way?

    Any help on both issues would be greatly appreciated. Thank you.
     
  2. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,668
    Location:
    texas
    I don't know ASUS but what about adding a route statement for your Surface IP maybe dock that points to your NAS.

    I would think each Ethernet connection has it's own IP. Route the one you want to stop.
     
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    11,641
    Location:
    UK
    This won't work. The NSF only effects traffic from the LAN to the WAN. It doesn't effect LAN to LAN traffic.


    That's just one of those annoying "Windows things" :rolleyes:. Ignore it, it's just cosmetic.

    Regarding your dropouts, make sure that when you are connected by Ethernet that the wireless adapter is disabled (not just disconnected). If necessary manually disable the WiFi adapter.
     
    Last edited: May 23, 2020 at 12:41 PM
  4. pacoinconn

    pacoinconn Occasional Visitor

    Joined:
    Dec 30, 2016
    Messages:
    13
    Thx...didn't know that. Is there any way to prevent the Surface from accessing other devices on the LAN?

    When I first set it up, I disabled the WiFi adapter and started getting dropouts. I turned it back on thinking that perhaps the Surface would switch to wi-fi. Unfortunately, it does however there is no Internet access.
     
  5. pacoinconn

    pacoinconn Occasional Visitor

    Joined:
    Dec 30, 2016
    Messages:
    13
    I thought that's what I was doing by adding the network services filter for both the Surface's Ethernet connection and the wi-fi connection. However @ColinTaylor says network services filter won't work.

    What do you mean by "route the one you want to stop"? Perhaps I can find the appropriate menu selection in the routher's app.
     
  6. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    11,641
    Location:
    UK
    I am not familiar with the Surface or its Dock, but I assume the Dock is just a way of adding a gigabit Ethernet adapter to the Surface. So there would be no way of preventing its access to the LAN as everything is being switched.
     
    L&LD likes this.