• September 26, 2017, 02:12:48 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2

Author Topic: Beefing up Wireless security  (Read 258 times)

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Beefing up Wireless security
« on: September 13, 2017, 08:42:44 AM »

I'd like to add as much security as I can to my wireless network.
I have not found any way to do the following:

1) Disable SSID broadcast
2) Limit network access to a list of MAC addresses.

Did I miss something, or are those features non-existent in the COVR ?

TIA
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43140
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Beefing up Wireless security
« Reply #1 on: September 13, 2017, 10:03:06 AM »

D-Link took out SSID hiding a while ago in previous models as its not very secure and can be seen by scanners.

Have you set up parental controls for your devices that need control?
Logged
Cable:100mb/3Mb>Motorola SB6183>DIR-880L>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,826L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L and a Boxee.
Go Here>Router Troubleshooting

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #2 on: September 14, 2017, 07:40:35 AM »

Never thought about setting Parental Control, since our kids have flown the coop.
Isn't that for outbound connections though, I want to block inbound connections?
I will look at it.

Being able to only allow certain MAC address on the local network would be ideal.
« Last Edit: September 14, 2017, 07:43:26 AM by 02ebz06 »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43140
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Beefing up Wireless security
« Reply #3 on: September 14, 2017, 08:07:21 AM »

What are you trying to limit on the your network?
The Mac Filter was also a older generation feature.  ::)

Are you trying to keep others from the outside coming in?
Logged
Cable:100mb/3Mb>Motorola SB6183>DIR-880L>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,826L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L and a Boxee.
Go Here>Router Troubleshooting

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #4 on: September 14, 2017, 09:11:58 AM »

Dang, just lost everything I was adding.
I was playing with a IPV4 firewall, but lost outgoing connection when I saved the rule, and everything I had typed in.

Yes, want to block WAN to LAN access.

For the rule, I selected this -->  "Turn IPV4 Filtering ON and DENY rules listed"
The manual isn't 100% clear at to what this means (at least to me).
From the manual: "To begin, use the drop-down menu to select whether you want to ALLOW or DENY the rules you create"
Denying the Rule seems a strange way to word it, so I assume that it means it will deny the access listed in the rule.

Had an issue with setting a WAN rule range.
Can't use 0.0.0.0-255.255.255.255
Lowest you can set is 1.0.0.0  and  highest is 223.255.255.255

So I created this rule"

"Turn IPV4 Filtering ON and DENY rules listed"
Name:         Block WAN Access
Source:       WAN   1.0.0.0-223.255.255.255
Destination:  LAN  192.168.0.0-192.168.255.255
Port Range:   Any
Schedule:     Always Enable


So once I Saved it, I lost outbound network connection.
Obviously that was not what I wanted to happen.
« Last Edit: September 14, 2017, 09:23:02 AM by 02ebz06 »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43140
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Beefing up Wireless security
« Reply #5 on: September 14, 2017, 09:29:39 AM »

Thats because your blocking the entire internet range with in .1 thru .255. You can't do that.

I believe that that filter is meant for a specific IP address from the WAN to block so if you have a WAN IP address thats trying gain access to something on the LAN side, you would just use that one IP address that is attempting to gain access. Don't use the full IP address range or you block the entire internet.


Dang, just lost everything I was adding.
I was playing with a IPV4 firewall, but lost outgoing connection when I saved the rule, and everything I had typed in.

Yes, want to block WAN to LAN access.

For the rule, I selected this -->  "Turn IPV4 Filtering ON and DENY rules listed"
The manual isn't 100% clear at to what this means (at least to me).
From the manual: "To begin, use the drop-down menu to select whether you want to ALLOW or DENY the rules you create"
Denying the Rule seems a strange way to word it, so I assume that it means it will deny the access listed in the rule.

Had an issue with setting a WAN rule range.
Can't use 0.0.0.0-255.255.255.255
Lowest you can set is 1.0.0.0  and  highest is 223.255.255.255

So I created this rule"

"Turn IPV4 Filtering ON and DENY rules listed"
Name:         Block WAN Access
Source:       WAN   1.0.0.0-223.255.255.255
Destination:  LAN  192.168.0.0-192.168.255.255
Port Range:   Any
Schedule:     Always Enable


So once I Saved it, I lost outbound network connection.
Obviously that was not what I wanted to happen.
Logged
Cable:100mb/3Mb>Motorola SB6183>DIR-880L>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,826L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L and a Boxee.
Go Here>Router Troubleshooting

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #6 on: September 14, 2017, 09:47:56 AM »

I guess I misunderstood it's function then.
I though it would block any outside IP from trying to access my network.
Don't understand why it blocked outgoing traffic.
So you are saying I need to allow unsolicited WAN devices to access my network?

So no way to block unknown unauthorized IP's from accessing my network?
 
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43140
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Beefing up Wireless security
« Reply #7 on: September 14, 2017, 09:50:19 AM »

I believe thats whats it's for, WAN Side.

You would have to figure out what WAN side IP address are attempting to gain access to block. I believe also that this is a pin hole kind of process as well so if you do want WAN side addresses to have access to the LAN side sources, this is used in this regard, like if you have a server on the LAN side which you want remote WAN side users to have access, then you would allow access from there specific IP addresses thru the firewall.
« Last Edit: September 14, 2017, 09:55:29 AM by FurryNutz »
Logged
Cable:100mb/3Mb>Motorola SB6183>DIR-880L>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,826L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L and a Boxee.
Go Here>Router Troubleshooting

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #8 on: September 14, 2017, 10:19:03 AM »

No user community, just me and my local servers for my use only, and other LAN connected devices.

Any idea why it blocked outgoing connections?
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43140
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Beefing up Wireless security
« Reply #9 on: September 14, 2017, 10:25:21 AM »

Your range was all inclusive in the configuration so everything got blocked.  ::)



Logged
Cable:100mb/3Mb>Motorola SB6183>DIR-880L>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,826L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L and a Boxee.
Go Here>Router Troubleshooting

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #10 on: September 14, 2017, 10:41:59 AM »

Right, but that was WAN to LAN, not LAN to WAN.
Logged

GreenBay42

  • Administrator
  • Level 3 Member
  • *
  • Posts: 345
Re: Beefing up Wireless security
« Reply #11 on: September 14, 2017, 10:47:10 AM »

Correct. You blocked all incoming traffic. Your traffic from your network went out but was not let back in since it is blocked. Since you cannot connect to the internet, the filtering is working :)
Logged

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #12 on: September 14, 2017, 10:51:16 AM »

Yeah, the light came on after I posted that. it is the WAN sending the page to me, not me retrieving it.

So, no way to block intruders unless you know who they are.
Logged

GreenBay42

  • Administrator
  • Level 3 Member
  • *
  • Posts: 345
Re: Beefing up Wireless security
« Reply #13 on: September 14, 2017, 11:09:25 AM »

Well the router does that already. Most incoming traffic (that was not requested by your local network or you hosting a server) is automatically blocked by default. If I have your WAN IP address I cannot just enter your network (unless I was a skilled hacker that knew an exploit).



Logged

02ebz06

  • Level 2 Member
  • **
  • Posts: 29
Re: Beefing up Wireless security
« Reply #14 on: September 14, 2017, 11:12:11 AM »

OK, thanks.
Just because I'm paranoid, it doesn't mean they aren't out to get me.   ;D
Logged
Pages: [1] 2