Blocked device access gets reset for macbooks

Comments

5 comments

  • Avatar
    Firewalla

    What mode are you running? If you block your son's PC/MAC, does that work?

    0
    Comment actions Permalink
  • Avatar
    Abhijit Barde

    Router mode as described here: https://help.firewalla.com/hc/en-us/articles/4416280723859-Google-Wifi-or-Nest-Wifi-Mesh-network-with-Purple-Beta-

    Not sure what you mean by blocking a device. When I try blocking network flows, they are a hit or miss. They sometimes work. For example, I am unable to block discord by blocking the Discord app and adding block rule list in network flows.

    One more observation: For multiple devices (including the macbook and IoT), periodically we see the message that the device needs to be connected to the network for it to be monitored. These devices are on the network and working fine but the Firewalla app is unable to detect them. I also don't see any new uknown devices on the network.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Check this

    1. Block one device, and see if the blocking works or not. (not application block, just block the internet)

    2. Double check the IP addresses assigned to each of the devices, and see if they are the same as your LAN

    0
    Comment actions Permalink
  • Avatar
    Michael Yuen

    Check if the network connection on the Apple device has "Private WiFi" (or something similar) enabled. MAC address randomization has been a pain on my network, and so I set my family's devices to no longer randomize their MAC addresses. If they do not turn it off, then when they get a new address, Firewalla is configured to Quarantine any "new" devices that it discovers. So, either the family plays by my rules or they'll automatically get blocked.

    0
    Comment actions Permalink
  • Avatar
    Abhijit Barde

    Thanks for the tip, Michael. I will definitely going to disable MAC address randomization.

    I figured it out what the issue was. Our Google Wifi mesh router was reset recently. As a result, the DHCP range on the Wifi mesh was reset and as a result instead of issuing IP addresses for the Wifi mesh repeaters only, Google Wifi was issuing IP addresses to the devices on the Wifi network. As a result, Firewalla was not able to monitor these devices. It turns out that I was setting rules on the kids' devices as a group. When I went to the individual device, Firewalla was indicating that the device is offline but in reality the device was connected to Wifi network with Google Wifi issued IP address.

    I constrained the DHCP range on the Google Wifi to only 2 devices (# of mesh repeaters) and now I am able to control the son's device as expected.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.