Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[kevinkar]

Hi everyone,

Using a new DIR-628 as primary router connected to a Linksys WRT400N as a wireless bridge that then connects wirelessly to a Linksys WET601N bridge that ultimately connects to my daughter's PC.

The DIR-628 is Hardware Version A2 with Firmware 1.22NA.  I have it set to provide DHCP to all my clients except for some static IPs for satellite box, XBox, and some other always-on devices.  I also set up MAC filtering so only those MACs can connect.  So far so good.

I set up access schedules for my daughter's computer, blocking access when appropriate.  I also enabled Access Control Policies for her computer using MAC address, since her PC is a DHCP client and the IP could change, and selected the appropriate schedules for the policies.

When identifying her PC in the policy using MAC address, the access control fails.  The log says her MAC address is blocked but all you have to do is start up a browser and out you go!  I struggled with this for hours but no matter how I set the schedule or policy, it failed to block her PC.  I also then set up policies for the WET610N (it's just a wireless bridge connected to her PC only) and used MAC address for that device as well but it also failed.  All access all the time.

I then got the bright idea to instead block her IP address even though it was dynamic and could change.  As soon as I changed the policies to block by IP and not MAC, it worked.  So that forced me to set her PC as a static IP instead.

So access control by MAC address is not working.  Why? What's up with that?

I reset the DIR-628 to factory defaults, rebooted it numerous times, and even reflashed the firmware a couple of times but nothing would get the MAC address filtering for access control to work.  The MAC address filtering for basic connection does work so, if her MAC is not defined in the list, it won't connect at all.  Unfortunately, this is not a policy that can be scheduled.

So a little help from anyone who might know what's going on here and how to solve this issue.

Otherwise, the DIR-628 appears to be working properly.

Thanks for the help,

Kevin

[kevinkar]

I was contacted by D-Link who had me check to see if I had MAC address filtering enabled and had the PC included in that list (I did) but did not address the MAC fails versus IP works issue.  Since this did not solve any issues, I replied that I checked the settings and nothing has changed.

We'll see what they say next.

Kevin

[kevinkar]

Here's an update in case anyone is listening.

Initial query to D-Link about Access Control Policy not working when MAC address is used but works when IP address is used.  What's up with that?

Three days later, D-Link replies for me to check the MAC address filtering and ensure that the PC that I'm trying to block is listed (never mind that MAC address filtering and Access Control Policies are two different things.)  I confirm that the PC is in the list (as are all my devices.)

One day later D-Link replies asking me which MAC address I am entering (ethernet or wireless) to which I reply that there's only an ethernet card in the PC so that's the only MAC I can use.

Two days later D-Link replies asking me what the MAC address I am using is and if it begins with 00.  Affirmative.  I assume this was a check to see if I entered in a bad MAC address.

So, it's taken over a week now for D-Link to ask me three simple questions which they could have asked all at one time, one of which was not really related to the problem.

Pros: At least they are replying to my issue.
Cons: Asking one question at a time.  Not really understanding the problem.

I can block by IP so at least I am functionally blocking my daughter's PC on schedule but I'd much rather it be by MAC address than by IP so I could use DHCP instead of static IPs.

Oh well....

[kevinkar]

Last update would be this in case anyone is interested.

D-Link support asked me to connect a PC directly to the router and instead do not apply MAC address filtering via a bridge which is what I had been doing, and to try again.  What happens.

Well, the MAC address appeared to be filtered properly.  So, the implication is that MAC address filtering may not work over a bridged connection which, to me is a bit silly.  After all, a bridged connection is simply adding one hop between a computer and the router.  You could say that the PC to router is a bridge through the PC's wireless card.

Anyway, since it works when directly connected to the router, it's "working".  Not much that can be done about that, I guess.  Unfortunately, this is not what I want and instead have had to resort to static IP address and filtering by IP which serves the same purpose in terms of filtering our daughter's access.

Not the best solution and I'd still consider the MAC address filtering to be broken but what can you do?

Oh well.