[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 30/03/14 09:09, Daniel Robinson wrote: > Good morning folks. > > Not wanting to hijack the IMAP on Synology thread I decided I would > start my own. > > I am currently experiencing strange behaviour from my Vigor 2130n router > which needs some explaining. > I'll just give you a quick overview of my LAN and this really simple > thing I am trying to achieve with wireless LAN access control. > > SSID1 - Has My Nexus 5 and Epson SX600FW MAC addresses set to Allow > SSID2 - Has Reni's PC MAC address set to Allow > SSID3 - Has Andras' PC and Mobile phone MAC addresses set to Allow > SSID4 - Has Gavins Laptop and two mobile phone MAC addresses set to Allow > > The second I click 'Okay' everyone has an authentication error and can > not connect. > > I have bound everyone’s IP address to their devices MAC address to > enable me to read the log files quickly and to help with later > configuration but I see nothing to suggest why nobody can connect. > > SSID1 does not have either the... > *Isolate LAN:* Wireless clients (stations) with the same SSID cannot > access wired PCs on LAN. > or the > *Isolate Member:* Wireless clients (stations) with the same SSID cannot > access for each other. > ...tick boxes selected > where as SSID2,3,4 have the *Isolate LAN box selected. > > * > So far these are the only changes I have made to the router so otherwise > this router is set to factory default. > Can anyone see what is wrong here. > > Kind Regards Yes, you are using MAC filtering, which is entirely and utterly pointless. It falls into the same class of "utterly stupid and useless pretend security measures" as SSID hiding or LEAP except MAC filtering requires the largest amount of effort to implement and maintain for the absolute lowest ROI. It's contributing to admin overhead, is confusing you and breaking your wifi setup and would take any beginning script kiddie or naughty housemate approximately 1 second to break by simply cloning a valid MAC... C'mon Daniel, you're smarter than that. MAC filtering is as laughable as WEP or LANMAN. Do yourself a favour and turn it off, then go and read up on security a little bit. Maybe start here: http://www.reddit.com/r/AskNetsec/comments/16pi8q/why_is_mac_filtering_useless/ Cheers -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq