DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Bind IP to MAC internet issue
- deepblue12
- Topic Author
- Offline
- New Member
Less
More
- Posts: 8
- Thank you received: 0
07 Jun 2022 17:04 #101246
by deepblue12
Bind IP to MAC internet issue was created by deepblue12
I've had my Vigor2865ax for a couple of weeks and slowly finding my way around. On my last Netgear router i bound all my devices MAC-IP so i could keep track of exactly what's on my network from a security perspective. I've followed the same route with my Vigor but have come across an issue with those devices that connect through a TP Link RE450 Repeater.
They can see and connect to anything within the LAN but cannot connect to the internet when Bind IP to MAC is enabled! Repeater is setup for 2.4ghz only (5ghz is disabled) and the correct MAC has been added to the IP Bind list but it just doesnt allow access. Disable Bind to MAC and everything is fine.
Any advice appreciated.
Gary
They can see and connect to anything within the LAN but cannot connect to the internet when Bind IP to MAC is enabled! Repeater is setup for 2.4ghz only (5ghz is disabled) and the correct MAC has been added to the IP Bind list but it just doesnt allow access. Disable Bind to MAC and everything is fine.
Any advice appreciated.
Gary
Please Log in or Create an account to join the conversation.
- ctluk
- Offline
- Junior Member
Less
More
- Posts: 56
- Thank you received: 5
07 Jun 2022 17:42 #101247
by ctluk
Replied by ctluk on topic Re: Bind IP to MAC internet issue
Just to clarify what you're doing, are you basically using what we used to call "MAC filtering" which means that a device cannot connect to the network unless it's MAC is allowed? Or are you simply binding MAC to IP so you know what IP address a given device will always be on? Last question, what type of devices are you connecting?
Please Log in or Create an account to join the conversation.
- deepblue12
- Topic Author
- Offline
- New Member
Less
More
- Posts: 8
- Thank you received: 0
07 Jun 2022 18:00 #101249
by deepblue12
Replied by deepblue12 on topic Re: Bind IP to MAC internet issue
Its actually both.
Note:
1. IP-MAC binding presets DHCP Allocations.
2. If Strict Bind is enabled, unspecified LAN clients in the selected subnets cannot access the Internet.
The devices are a PC, an Apple TV and a Energenie MiHome controller all passing through a TPLink Extender. Like i said i can ping them all from within the LAN.
I thought the Repeater was possibly changing the MAC address as it forwards it to the router but the above doesnt appear to support that theory.
Note:
1. IP-MAC binding presets DHCP Allocations.
2. If Strict Bind is enabled, unspecified LAN clients in the selected subnets cannot access the Internet.
The devices are a PC, an Apple TV and a Energenie MiHome controller all passing through a TPLink Extender. Like i said i can ping them all from within the LAN.
I thought the Repeater was possibly changing the MAC address as it forwards it to the router but the above doesnt appear to support that theory.
Please Log in or Create an account to join the conversation.
- edinburgh
- Offline
- Member
Less
More
- Posts: 231
- Thank you received: 0
07 Jun 2022 23:19 #101250
by edinburgh
Replied by edinburgh on topic Re: Bind IP to MAC internet issue
Is the extender's MAC address also included amongst all the addresses?
Please Log in or Create an account to join the conversation.
- deepblue12
- Topic Author
- Offline
- New Member
Less
More
- Posts: 8
- Thank you received: 0
08 Jun 2022 05:19 #101251
by deepblue12
Replied by deepblue12 on topic Re: Bind IP to MAC internet issue
Yes both 2.4 and 5ghz MAC addresses have been included
Please Log in or Create an account to join the conversation.
- desquinn
- Offline
- Junior Member
Less
More
- Posts: 73
- Thank you received: 0
09 Jun 2022 08:20 #101252
by desquinn
Des Quinn
Replied by desquinn on topic Re: Bind IP to MAC internet issue
on recent training it was mentioned not to enable strict bind as "it causes more problems than anything else". If you are trying to stop devices from having any access then maybe use binding without strict mode and keep your range well defined ie DHCP pool 100-150 with 25 taken up and then put a firewall rule in place to limit anything from 126-150 from accessing any resource.
Also it is very easy to spoof a mac address and is actually a technique that you use from time to time to accomplish an objective.
Also it is very easy to spoof a mac address and is actually a technique that you use from time to time to accomplish an objective.
Des Quinn
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek