Blocked device access gets reset for macbooks
I have Firewalla Purple device. We purchased the device primarily to control internet and app access for kids' devices. My son uses a macbook. From time to time we need to block access to set boundaries. Sometime we block complete access by blocking internet and other times we block access to Social/Discord, Gaming and YouTube.
We find that the Firewalla controls are not accurate. We find that after we block access he is back on the computer after some time browsing and watching YT. When I check the app, I find that the controls seems to have reset or in some cases have no effect.
We (parents) control firewall app from our two mobile phones. Son doesn't have access to the two phones.
We use Google Wifi mesh router. The Wifi provided by the cable provider is disabled.
What could be the issue? Do you think it is got to do with Macbook mac randomization?
-
Router mode as described here: https://help.firewalla.com/hc/en-us/articles/4416280723859-Google-Wifi-or-Nest-Wifi-Mesh-network-with-Purple-Beta-
Not sure what you mean by blocking a device. When I try blocking network flows, they are a hit or miss. They sometimes work. For example, I am unable to block discord by blocking the Discord app and adding block rule list in network flows.
One more observation: For multiple devices (including the macbook and IoT), periodically we see the message that the device needs to be connected to the network for it to be monitored. These devices are on the network and working fine but the Firewalla app is unable to detect them. I also don't see any new uknown devices on the network. -
Check if the network connection on the Apple device has "Private WiFi" (or something similar) enabled. MAC address randomization has been a pain on my network, and so I set my family's devices to no longer randomize their MAC addresses. If they do not turn it off, then when they get a new address, Firewalla is configured to Quarantine any "new" devices that it discovers. So, either the family plays by my rules or they'll automatically get blocked.
-
Thanks for the tip, Michael. I will definitely going to disable MAC address randomization.
I figured it out what the issue was. Our Google Wifi mesh router was reset recently. As a result, the DHCP range on the Wifi mesh was reset and as a result instead of issuing IP addresses for the Wifi mesh repeaters only, Google Wifi was issuing IP addresses to the devices on the Wifi network. As a result, Firewalla was not able to monitor these devices. It turns out that I was setting rules on the kids' devices as a group. When I went to the individual device, Firewalla was indicating that the device is offline but in reality the device was connected to Wifi network with Google Wifi issued IP address.
I constrained the DHCP range on the Google Wifi to only 2 devices (# of mesh repeaters) and now I am able to control the son's device as expected.
Please sign in to leave a comment.
Comments
5 comments