Solved: Re: Device still on my wifi with Mac filter in pla... - Hughesnet Community

Dtrail · ‎06-16-2018

A tenant was allowed access to my wifi but became disgruntled so I knocked them off with a Mac address filter which worked immediately. Somehow they've made their way back on to the wifi with the filter still in placed. How is this possible? Any help would be appreciated.

C0RR0SIVE · ‎06-17-2018

So, never tested this before, but decided I would give it a go, and detail what I have tested and found.

1: I have never connected my phone to my HT2000w Wifi, so, I enabled the Mac Address Filtering and set it to Deny the MAC tied to my phone. I could see the network, but would get an authentication error immediately when trying to connect.

2: I disabled the filtering, and have connected my phone, then verified that the HT2000w sees my phone and that it's in the listed devices section of the Wifi Settings section. I have also verified the device is listed under the Advanced page settings of the HT2000w.

Once that has been verified, I went and enabled the Mac Filtering with a Deny rule for the MAC address on my phone. My phone after a few minutes immediately disconnected. I then checked the two locations where devices will show up.

In the Wifi Setting page, it no longer showed the phone at all, but in the Advanced Configuration page, it now shows my phone as disconnected.

I have also verified on my phone, that I am not able to connect to my HT2000w anymore.

I think what has happened is that the person has multiple devices, or is spoofing their MAC address. You would be best off to in the future enable the Guest Network, and use a unique password on that, that you can freely change with no worries at any time. The best course of action right now, is to change your primary network passwords for both the 2.4Ghz and 5.0Ghz bands, and if you have guest networks enabled, change those passwords.

View solution in original post

GabeU · ‎06-16-2018

@Dtrail

I don't have the first clue about Mac filtering, but you could change the access password so that they can't connect. Of course, you'd have to enter the new password in all of the devices that you connect with via WiFi, but it would still stop them from having access.

Dtrail · ‎06-16-2018

Thanks for the reply Gabe. While changing the password is a solution unfortunately it wouldn't be a fix to the problem. If this tenant, who isn't tech savvy, can somehow get around a Mac filter then I have concerns about the HT2000 as a secure device.

Last night I put in place a "Parental Control" rule for their Mac address essential blocking everything out there but yet they still have access.

The only thing I can think of that they may have done is set up a wireless repeater. But still a Mac address is a Mac address is a Mac address and a filter meant specifically to to block access should do just that. So this just really confuses me.

Again thanks for your reply.

GabeU · ‎06-16-2018

Hmmm.

I'll tag a couple of people who have some knowledge about networking and the ins and outs of the HT2000W. I can't guarantee that they'll reply, but if they do they may be able to help. Otherwise, this might be something for the reps. They're not back until Monday, though. Hopefully someone can help get this figured out.

@MarkJFine

@C0RR0SIVE

MarkJFine · ‎06-17-2018

@Dtrail
Yeah, it's doubtful they're spoofing the MAC address. Some ideas:
1. After you set the MAC filter, you might have to reboot. Sometimes it doesn't take immediately. Not sure why that is.

2. Also possible that if you've set the MAC List to Deny, they are just using a different device. It's actually safer to collect a list of MAC addresses that you want to limit use of the router, and use those in one set for Allow instead. This gives you absolute control over who can use the modem.

* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

C0RR0SIVE · ‎06-17-2018

So, never tested this before, but decided I would give it a go, and detail what I have tested and found.

1: I have never connected my phone to my HT2000w Wifi, so, I enabled the Mac Address Filtering and set it to Deny the MAC tied to my phone. I could see the network, but would get an authentication error immediately when trying to connect.

2: I disabled the filtering, and have connected my phone, then verified that the HT2000w sees my phone and that it's in the listed devices section of the Wifi Settings section. I have also verified the device is listed under the Advanced page settings of the HT2000w.

Once that has been verified, I went and enabled the Mac Filtering with a Deny rule for the MAC address on my phone. My phone after a few minutes immediately disconnected. I then checked the two locations where devices will show up.

In the Wifi Setting page, it no longer showed the phone at all, but in the Advanced Configuration page, it now shows my phone as disconnected.

I have also verified on my phone, that I am not able to connect to my HT2000w anymore.

I think what has happened is that the person has multiple devices, or is spoofing their MAC address. You would be best off to in the future enable the Guest Network, and use a unique password on that, that you can freely change with no worries at any time. The best course of action right now, is to change your primary network passwords for both the 2.4Ghz and 5.0Ghz bands, and if you have guest networks enabled, change those passwords.

Device still on my wifi with Mac filter in place

Device still on my wifi with Mac filter in place